Our Security Development Lifecycle (SDL) team has release a process template for Team Foundation Server 2008. Why is this important? Ask yourself, how secure is your application? Is security built into your application from the beginning or an afterthought? Are you properly protecting your application against SQL Injection? Buffer overflows? Poor exception handling? If you answer “no” or “I don’t know” to any of these questions, then you should definitely check out this template.
What’s included in this process template other than just Work Item Templates you ask? Well, as seen in the screenshot, it comes with some new SDL check-in policies, the SDL Threat Modeling Tool template, and some additional SharePoint components for the Team Portal.
To read more about the template and how it works, check out the SDL Team’s blog on the subject.