Michael Howard plugged his latest book The Security Development Lifecycle in his blog back in April (A New Book: The Security Development Lifecycle). It isn't yet available in stores, but I decided to preorder because I'm really looking forward to this book. Why? Because it describes a security process in development that works - the SDL @ Microsoft.