To build software that meets your security objectives, you
must integrate security activities into your software development
lifecycle. This handbook captures and summarises the key security
engineering activities that should be an integral part of your software
development processes.
These security engineering activities have been developed by Microsoft
patterns & practices to build on, refine and extend core lifecycle
activities with a set of security-specific activities. These include
identifying security objectives, applying design guidelines for security,
threat modelling, security architecture and design reviews, security code
reviews and security deployment reviews.
DOWNLOAD HERE