When should application security be applied to a project? If it is not applied during this phase, what is the best way to make sure it is added?
Over the years, Microsoft has moved from one of the worst offenders of securing their applications to one of the more respected software vendors. Why have other software vendors not moved to a more secure model?
300+ words with references.