The Microsoft Security Development Lifecycle (SDL): Process Guidance
Starting with the Trustworthy Computing (TwC) directive of January 2002, many software development groups at Microsoft instigated “security pushes” to find ways to improve the security of existing code. However, the reliable delivery of more secure software requires a comprehensive process. To that end Microsoft defined four guiding principles to guide the creation and support of more secure software: Secure by Design; Secure by Default; Secure in Deployment; and Communications (SD3+C). The SDL brings these principles to life, by integrating them into every step of the software development lifecycle.
This page includes information on each of the phases of the SDL and provides links to resources to get your development crew up to speed on how to create secure applications from inception to support:
http://msdn.microsoft.com/en-us/security/cc420639.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)
Recent Links Tagged With "sdl" - JabberTags Says:
December 9th, 2008 at 4:49 am
[…] popular public links >> sdl Still Learning SDL Saved by MewMewIchigogirl on Sat 29-11-2008 The Microsoft Security Development Lifecycle (SDL): Process Guidance Saved by pollitos on Tue 18-11-2008 A post from Rwanda Saved by tbennett017 on Sun 09-11-2008 SDLMAME .127 Saved by varrichardhanks on Thu 06-11-2008 Ed Ropple: A Bit of Buried Treasure: libtcod-net Saved by rhxelj on Tue 14-10-2008 […]