Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This weekend, we posted the Security Development Lifecycle document on the Security Developer Center. We'll headline this a little later today. This article was written by Steve Lipner and Michael Howard. We considered it important enough that we gave the article it's own, easy to remember url:
https://msdn.microsoft.com/security/sdl
Here's a link and a bit more about the article:
The Trustworthy Computing Security Development Lifecycle
This paper discusses the Trustworthy Computing Security Development Lifecycle (or SDL), a process that Microsoft has adopted for the development of software that needs to withstand malicious attack. The process encompasses the addition of a series of security-focused activities and deliverables to each of the phases of Microsoft's software development process.
Mike has some more information here.