David Ladd, a senior security program manager discussed in detail the initiative — announced, wherein Steve Lipner revealed “the company's intentions to share its security model with the rest of the software industry — launch of the SDL Threat Modeling Tool 3.0, the SDL Optimization Model and the SDL Pro Network,” — related to building a network of SDL experts designed to offer consultancy and training to companies looking to implement Microsoft's security model.

So, what are we hoping to gain by creating a network of security consulting and training experts to work with customers who want to implement the SDL? Generally speaking, this question has a two-part answer:  First, Microsoft is, and always will be a partner-driven company - we rely on the skills and capabilities of our partners to provide specialized services and broad geographic coverage for Microsoft products and services.  Second, even though there are talented folks in the Microsoft Services organization[…]

Full Article