All the VSTS Customers i showed the new SDL Process Template for VSTS 2008 Loved it! – But the problem was very few people were in a position to start over with a new Team Project.

In response to numerous requests the Security Development Lifecycle (SDL) have written a whitepaper on how you can integrate their best practices into your own Team Project Templates- giving you the best of both worlds!  Specific artifacts this white paper integrates is:

1. SDL Work Item Types: All of the customized work item types that the SDL Process Template uses to create requirements, enforce policies, and enable reporting.
2. SDL Requirements and Recommendations: All SDL Tasks to ensure all SDL Requirements and Recommendations are completed.
3. SDL Check-in Policies: Enforceable policies to verify the compiler/linker flag protections in Visual Studio are used.
4. SDL Reporting: To verify progress toward completing all SDL Tasks and provide an auditable assessment of your software’s security.
5. SDL Documents (optional): The supporting document libraries from the SDL Process Template

The whitepaper can be downloaded here:

New Security Whitepaper: Manually Integrating the SDL Process Template