
I saw a post over on Michael Howard’s blog saying that a new software assurance organization called SAFECode has released a whitepaper on industry best practices for crafting a secure development process. The whitepaper is pretty high level but it does do a good job of laying out the basic activities and checkpoints that organizations need to integrate into their software development lifecycles if they want to create secure software.
–Dan
dan _at_ denimgroup.com