Microsoft SDL meets CWE/SANS Top25

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Microsoft SDL meets CWE/SANS Top25
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Mon, 2 Feb 2009 18:19:37 +0200 (EET)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Microsoft has released a document describing how the Secure Development 
Lifecycle (SDL) model maps to so-called CWE/SANS Top25 List,
i.e. "25 Most Dangerous Programming Error" list released earlier in January.

Item-by-item type analysis as a Word document has been released too. The link 
is being icluded to referenced MSDN blog entry.

http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx

Juha-Matti

Prev by Date: StreamDown v6.4.3 Local Buffer Overflow PoC
Next by Date: Re: DMXReady Blog Manager (SQL/XSS)
Previous by thread: StreamDown v6.4.3 Local Buffer Overflow PoC
Next by thread: flatnux Flatnux-2009-01-27 Remote File Include
Index(es):
- Date
- Thread