Analyst Report
SDL Series - Article #3: The Microsoft Security Org Chart
Published: 12/3/2008
In this series, through extensive interviews and research, the authors pull back the covers on Microsoft's Security Development Lifecycle- a development practice upon which millions of users (and billions of dollars) depend.

Summary
This article examines how Microsoft uses defense-in-depth at an organization level to ensure that there are many opportunities to detect and remove software vulnerabilities. You'll see how security responsibilities are assigned from individual developers, up through the global security team.
Included in this document
  • Developers
  • Feature Crews
  • Component-level Security Personnel
  • Product-Level Security Teams
  • Company –wide Security Teams
  • Conclusion
  • About the Authors