Distinguished Practitioner

Practical Assurance: Evolution of a Security Development Lifecycle

Steven B. Lipner


Steven B. Lipner is Director of Security Engineering Strategy at Microsoft.

He is responsible for the development of programs to provide improved product security to Microsoft customers, and for the Secure Windows Initiative team that focuses on improving Microsoft's security development processes. Mr. Lipner was one of the leaders of the Windows division security push that mobilized over 8,000 developers, program managers, and testers in a security review of the Windows design and code base. His team has led the definition of Microsoft's security development processes and their integration into the Microsoft product development life cycle.

Mr. Lipner has over thirty years' experience as a researcher, development manager, and general manager in IT security. He served as Executive Vice President and General Manager for Network Security Products at Trusted Information Systems during the period of the company's explosive growth and public stock offering. He has been responsible for the development of mathematical models of security and of a number of secure operating systems. Mr. Lipner was one of the initial twelve members of the United States Computer Systems Security and Privacy Advisory Board. He served on the board from 1989 to 1993, and was reappointed to the board - which has now been renamed the Information Security and Privacy Advisory Board - in early 2000.

Mr. Lipner holds S.B. and S.M. degrees from M.I.T. and attended the Harvard Business School's Program for Management Development. He is the author of numerous professional papers and has spoken on security topics at many professional conferences. He is named as inventor on ten United States patents in the fields of computer and network security.

Read Paper Read Paper (in PDF)

View Presentation View Presentation (in PDF)

[ Wednesday ] [ Thursday ] [ Friday ]