By way of Gary McGraw (co-author of the newest must-read application security book, Exploiting Software: How to Break Code) from the SC-L today:
Today the National Cyber Security Partnership released a set of reports
about the software security problem meant to drive policy in the
Department of Homeland Security. I co-authored the report titled
"Processes to Produce Secure Software" with, among others, Mike Howard,
Watts Humphreys, and Sam Redwine. A copy of our report can be found
here:
http://www.cigital.com/papers/download/secure_software_process.pdf
