Starting with the Trustworthy Computing (TwC) directive of January 2002, many software development groups at Microsoft instigated “security pushes” to find ways to improve the security of existing code. However, the reliable delivery of more secure software requires a comprehensive process. To that end Microsoft defined four guiding principles to guide the creation and support of more secure software: Secure by Design; Secure by Default; Secure in Deployment; and Communications (SD3+C). The SDL brings these principles to life, by integrating them into every step of the software development lifecycle.
This page includes information on each of the phases of the SDL and provides links to resources to get your development crew up to speed on how to create secure applications from inception to support:
http://msdn.microsoft.com/en-us/security/cc420639.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)