Microsoft to Lead Security Best Practices

“My name is Microsoft and I have a problem.” That could be the introductory statement of the company at the group meeting of ISVs With Legacy Systems Full of Security Holes Anonymous.

In a recent article, eWeek talks about Microsoft’s push into application security and security best practices.

In the process of building its newly launched Windows Vista OS, the Redmond, Wash.-based software maker employed a new vulnerability detection process labeled SDL (Security Development Lifecycle), that claims to have greatly reduced the number of holes in its products, and which will also serve as a foundation for the firm’s nascent applications security business.

I’ve written that we’ll see more and more of this type of behavior from large ISVs as they realize security can be a competitive advantage.

Other examples from large vendors: Oracle gets behind Common Vulnerability Scoring System (CVSS), followed by Cisco. Oracle is getting great feedback from customers about this move, according to the Oracle Security Blog.

About Simeon Simeonov

Entrepreneur. Investor. Trusted advisor.
This entry was posted in Uncategorized and tagged . Bookmark the permalink.

1 Response to Microsoft to Lead Security Best Practices

  1. akshay aggarwal says:

    Microsoft focuses on securing ISV’s by sharing a lot of information about their best practices, tools and processes. In fact there is a whole security workshop focused on ISVs. See my blog about it here

Leave a Reply