All the VSTS Customers i showed the new SDL Process Template for VSTS 2008 Loved it! – But the problem was very few people were in a position to start over with a new Team Project.
In response to numerous requests the Security Development Lifecycle (SDL) have written a whitepaper on how you can integrate their best practices into your own Team Project Templates- giving you the best of both worlds! Specific artifacts this white paper integrates is:
- SDL Work Item Types: All of the customized work item types that the SDL Process Template uses to create requirements, enforce policies, and enable reporting.
- SDL Requirements and Recommendations: All SDL Tasks to ensure all SDL Requirements and Recommendations are completed.
- SDL Check-in Policies: Enforceable policies to verify the compiler/linker flag protections in Visual Studio are used.
- SDL Reporting: To verify progress toward completing all SDL Tasks and provide an auditable assessment of your software’s security.
- SDL Documents (optional): The supporting document libraries from the SDL Process Template
The whitepaper can be downloaded here: