patterns & practices Security Engineering Cheat Sheet


We posted our patterns & practices Security Engineering Cheat Sheet to our Application Architecture Knowledge Base on CodePlex.   It’s a bird’s-eye view of applying our security techniques to the life cycle.  The techniques and approach shipped with VSTS/MSF Agile starting in 2005.

Security Engineering Overlay
Here’s a view that overlays our key patterns & practices security techniques alongside common software engineering activities:

SecurityEngineering

Key Activities in the Life Cycle
The core activities you should consider performing include the following:

  • Security Objectives.
  • Threat Modeling.
  • Security Design Guidelines.
  • Security Design Inspection.
  • Security Code Inspection.
  • Security Testing.
  • Security Deployment Inspection.

You can read more about these techniques and how to apply them to your software architecture and your software development life cycle on our Cheat Sheet – patterns & practices Security Engineering.

Additional Resources

My Related Posts

  • patterns & practices Performance Engineering Cheat Sheet
  • Agile Architecture Method
  • New Release: patterns & practices App Arch Guide 2.0 Beta 2
  • Microsoft Presentation, Data Access, Workflow and Integration Technology Cheat Sheets
  • Comments (4)

    1. What means Security Design Guidelines?

    2. J.D. Meier says:

      It simply means putting together checklists for key design decisions.  This one is a good place to start – http://msdn.microsoft.com/en-us/library/aa302332.aspx

    3. a {color : #0033CC;} a:link {color: #0033CC;} a:visited.local {color: #0033CC;} a:visited {color : #800080;}