The Microsoft Security Development Lifecycle (SDL) process guidance illustrates the way Microsoft applies the SDL to its products and technologies. A new update has been released on Microsoft Download.
In a recent post on their blog, the team wrote, “We believe our SDL tools and processes add value and should be shared broadly with the security ecosystem – a collective effort is needed to meet the threat to computer users worldwide.”
The updated document adds new recommendations and requirements to the design, implementation, and verification steps in software development.
It includes security and privacy requirements and recommendations for secure software development at Microsoft. It addresses SDL guidance for Waterfall and Spiral development, Agile development, web applications and Line of Business applications.
IT policy makers and software development organizations can leverage this content to enhance and inform their own software security and privacy assurance programs.
For More Information
The SDL Process Guidance can also be found online on the Microsoft Developer Network (MSDN) at http://msdn.microsoft.com/en-us/library/ms995349.aspx.
Organizations that wish to implement the SDL should read the Simplified Implementation of the Microsoft SDL whitepaper.
Bruce D. Kyle
ISV Architect Evangelist | Microsoft Corporation