We posted our patterns & practices Security Engineering Cheat Sheet to our Application Architecture Knowledge Base on CodePlex. It’s a bird’s-eye view of applying our security techniques to the life cycle. The techniques and approach shipped with VSTS/MSF Agile starting in 2005.
Security Engineering Overlay
Here’s a view that overlays our key patterns & practices security techniques alongside common software engineering activities:
Key Activities in the Life Cycle
The core activities you should consider performing include the following:
- Security Objectives.
- Threat Modeling.
- Security Design Guidelines.
- Security Design Inspection.
- Security Code Inspection.
- Security Testing.
- Security Deployment Inspection.
You can read more about these techniques and how to apply them to your software architecture and your software development life cycle on our Cheat Sheet – patterns & practices Security Engineering.
- Security Engineering (Guidance Share)
- patterns & practices Security Engineering Explained (MSDN)
- patterns & practices Threat Modeling Web Applications (MSDN)
My Related Posts