Microsoft has released a document describing how the Secure Development Lifecycle (SDL) model maps to so-called CWE/SANS Top25 List, i.e. "25 Most Dangerous Programming Error" list released earlier in January. Item-by-item type analysis as a Word document has been released too. The link is being icluded to referenced MSDN blog entry.http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx
Juha-Matti