The security development lifecycle : SDL, a process for developing demonstrably more secure software

Part 1: The Need for the SDL Enough is Enough: The Threats Have Changed Current Software Development Methods Fail to Produce Secure Software A Short History of the SDL at Microsoft SDL for Management Part 2: The Security Development Lifecycle Process Stage 0: Education and Awareness Stage 1: Project Inception Stage 2: Define and Follow Design Best Practices Stage 3: Product Risk Assessment Stage 4: Risk Analysis Stage 5: Creating Security Documents, Tools, and Best Practices for Customers Stage 6: Secure Coding Policies Stage 7: Secure Testing Policies Stage 8: The Security Push Stage 9: The Final Security Review Stage 10: The Security Response Planning Stage 11: Product Release Stage 12: Security Response Execution Part 3: SDL Reference Material Integrating SDL with Agile Methods SDL Banned Function Calls SDL Minimum Cryptographic Standards SDL-Required Tools and Compiler options Threat Tree Patterns