Microsoft Security Development Lifecycle (SDL)

As software developers, you must address security and privacy threats in your applications. There are many guidelines available of Security Development Lifecycle, but here’s nice 160 page whitepaper from Microsoft that outlines the SDL process used by Microsoft product groups for application development.

Although this document does not provide an exhaustive reference on the SDL process as practiced at Microsoft, it does addresses SDL guidance for Waterfall and Spiral development, Agile development, web applications and Line of Business application and illustrates the way Microsoft applies the SDL to its products and technologies, including security and privacy requirements and recommendations for secure software development at Microsoft.

As the document mentions:
Secure software development has three elements—best practices, process improvements, and metrics. This document focuses primarily on the first two elements, and metrics are derived from measuring how they are applied.

Will you give this article a +1 ? Thanks in advance

About The Author

Suprotim Agarwal
Suprotim Agarwal, ASP.NET Architecture MVP (Microsoft Most Valuable Professional) works as an Architect Consultant and provides consultancy on how to design and develop Web applications.

Suprotim is also the founder and primary contributor to DevCurry, DotNetCurry and SQLServerCurry. He is the Editor of a Developer Magazine called DNC Magazine. He has also written two EBooks 51 Recipes using jQuery with ASP.NET Controls. and The Absolutely Awesome jQuery CookBook

Follow him on twitter @suprotimagarwal

No comments: