Appendix P - SDL-Agile Every-Sprint Requirements
| Title | Requirement/Recommendation | Applies to Online Services | Applies to Managed Code | Applies to Native Code |
|---|---|---|---|---|
| AllowPartiallyTrustedCallersAttribute (APTCA) review | Requirement | X | | |
| Apply input validation (LOB) | Requirement | X | X | X |
| Annotate pointers to non-const parameters using Standard Annotation Language (SAL) | Requirement | X | | |
| Avoid Exec in stored procedures | Requirement | X | | |
| Communicate privacy-impacting design changes to the team's privacy advisor | Requirement | X | X | X |
| Compile all code with the /GS compiler option | Requirement | X | X | |
| Comply with SDL firewall requirements | Requirement | X | X | |
| Conduct internal security design review (LOB) | Requirement | X | X | X |
| Do not use banned APIs in new code | Requirement | X | X | |
| Employ reflection and authentication relay defense | Requirement | X | X | |
| Encrypt all secrets, such as credentials, keys, and passwords (LOB) | Requirement | X | X | X |
| Ensure all ASP.NET applications use the ValidateRequest cross-site scripting input validation attribute | Requirement | X | X | |
| Ensure all database access is performed through parameterized queries to stored procedures | Requirement | X | X | X |
| Ensure all team members have had security education within the past year | Requirement | X | X | X |
| Ensure the application domain group is granted only execute permissions on the database stored procedures | Requirement | X | X | X |
| Fix all issues identified by code analysis tools for unmanaged code | Requirement | X | X | |
| Fix all security issues identified by CAT.NET and FxCop static analysis | Requirement | X | X | |
| Follow input validation and output encoding guidelines to defend against cross-site scripting attacks | Requirement | X | X | X |
| Harden or disable XML entity resolution | Requirement | X | X | |
| Host security deployment review (LOB) | Requirement | X | X | X |
| Link all code with the /dynamicbase linker option (Address Space Layout Randomization) | Requirement | X | X | |
| Link all code with the /nxcompat linker option (Data Execution Prevention) | Requirement | X | | |
| Link all code with the /safeseh linker option (safe exception handling) | Requirement | X | | |
| Mitigate against cross-site request forgery (CSRF) | Requirement | X | | |
| Mitigate against cross-site scripting (XSS) | Requirement | X | X | X |
| Secure sensitive data-at-rest (LOB) | Requirement | X | X | X |
| Secure sensitive data-in-transit (LOB) | Requirement | X | X | X |
| Update threat models for new features | Requirement | X | X | X |
| Use HeapSetInformation | Requirement | X | | |
| Use safe integer arithmetic for memory allocation for new code | Requirement | X | | |
| Use safe redirect | Requirement | X | X | X |
| Use secure cookie over HTTPS | Requirement | X | X | X |
| Use standard annotation language (SAL) to annotate all functions | Requirement | X | X | |
| Use the most secure ATL version and secure COM coding requirements | Requirement | X | | |
| Use the /robust MIDL compiler switch | Requirement | X | | |
| Use the Relying Party Suite SDK | Requirement | X | X | |
| Utilize LOB Secure Code Review (LOB) | Requirement | X | X | X |
| Avoid JavaScript eval function and equivalents | Recommendation | X | | |
| Canonicalize URLs | Recommendation | X | X | X |
| Employ COM best practices | Recommendation | X | | |
| Encode long-lived pointers | Recommendation | X | X | |
| Restrict database permissions | Recommendation | X | | |
| Review error messages to ensure sensitive information is not disclosed | Recommendation | X | X | X |
| Use strict /GS option | Recommendation | X | X | |
| Use transport layer encryption securely | Recommendation | X | X | X |
| Use whitelist of allowed domains to perform redirects | Recommendation | X | X | X |
Content Disclaimer
This documentation is not an exhaustive reference on the SDL process as practiced at Microsoft. Additional assurance work may be performed by product teams (but not necessarily documented) at their discretion. As a result, this example should not be considered as the exact process that Microsoft follows to secure all products. This documentation is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. This documentation does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. © 2012 Microsoft Corporation. All rights reserved. Licensed under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported