Integrating the SDL process into Visual Studio

I’ve been a firm believer of integrating as much security tooling as possible into the development process so developers can get on with developing code and designing solutions rather than having to constantly think about dotting the security “i”s and crossing the security “t”s. The less security “friction” the better, because the more you can…


A Conversation About Threat Modeling

This was fun to write; in fact, other than minor edits I wrote it in a single two hour sitting with my laptop by the pool 🙂