Microsoft's program to ensure that developers build secure code is showing early signs of success, according to a senior executive from the company. The Security Development Lifecycle program is one of the results of Microsoft's announcement outlining concentration on security and secure development.
"It's showing early signs of results for us," Microsoft product manager Rick Samona. "Server 2003 went through the SDL, and 2000 did not," he said. "The number of critical reports and security vulnerabilities has been reduced dramatically." According to Microsoft, all its server and commercial products had to go through the SDL and the different in security was remarkable.
News source: IT Observer