Geeks With Blogs


Google My Blog

Murray Gordon Flash a-ah! Savior of the universe...

During the CTO panel discussion hosted by Bill Veghte, Corporate VP of Microsoft North America, Microsoft promised to provide a summary and best practices for their “Security Development Life cycle” (SDL). The following links outline the SDL process and SDL best practices that Microsoft uses internally. There are also reference resources within the blog entries where you can get additional information on the SDL process. 

You can find those here on my blog:

For the last four years Microsoft has been fully committed to the Trust Worthy Computing Initiative” which follows the principles of SD3+C (Secure by Design, Default, Deployment + Communication Process). The SDL mainly focuses on the first two elements of the initiative.

For each element of SD3+C, security improvements must be put in place to augment the development process. Once they are identified and added to the existing development model, the model should resemble this:


You can visit the link below to get more information about Microsoft’s security initiatives.

Hope you enjoy the material. I know I did. Very helpful info.


Posted on Friday, July 14, 2006 2:17 PM .NET Framework 2.0 | Back to top

Comments on this post: Microsoft's Software Delevelopment Lifecycle (SDL) - Info from Microsoft's ISV CTO Summit

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Murray Gordon | Powered by: