Outside-in vulnerability assessment for secure software development is a process for identifying and eliminating the most dangerous and potentially exploitable weaknesses in your products. It helps your product achieve broad early adoption and positive reviews, and become a reference in the industry, not only for delivering what your clients need but also for delivering it with an outstanding level of security.

The Security Development Lifecycle (SDL) is a proven secure software development process consisting of security practices grouped into phases, from training to response. However, your main product may already be in the response phase even though it was not developed using SDL or any other secure software development methodology. This is especially true for open source software vendors (e.g. Linux vendors), where training the upstream developers who write the software you ship is not always viable. This is where outside-in vulnerability assessment can help.
