Microsoft has spent several years and untold millions of dollars working on methods to write more secure and reliable software. The company is encouraging other organizations to make the same investment in software security. Microsoft’s much-heralded Security Development Lifecycle (SDLC) is a framework for developing methods for writing secure code. The SDLC was developed specifically for Microsoft s internal processes and is not a one-size-fits-all methodology. Microsoft: Developers need to think like attackers and not users.
Source: https://threatpost.com/microsoft-pushes-better-software-security-practices-111209/73089/