Microsoft Security Development Lifecycle - Secure software made easier.
Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Today, we are excited to announce the general availability of a new version SDL process templates:
This version of the SDL Process Templates is specific to the Microsoft Security Development Lifecycle version 5.2.
The SDL Process Templates automatically integrate policy, process and tools associated with the Microsoft Security Development Lifecycle (SDL) in Visual Studio 2013 and Visual Studio Team Foundation Server (TFS). With the process templates code checked into the Visual Studio TFS source repository by the developer is analyzed to ensure that it complies with SDL secure development practices. The templates also create security workflow tracking items for manual SDL processes such as threat modeling to ensure that these important security activities are not accidentally skipped or forgotten. Read more
To mark the 10 year anniversary since the creation of the Security Development Lifecycle, we wanted to tell the behind-the-scenes story of how the SDL came to be. Back in 2004, Microsoft decided that if we were going to succeed at building trust with our customers, security could not be an afterthought when developing our products and services. So how do you get a large organization like Microsoft to prioritize security with thousands of developers, writing millions of lines of code? How do you get everyone marching toward the same goal? Hear from some of the people behind the scenes in security at Microsoft to discuss their journey and how they helped to fundamentally shift the culture within Microsoft. Get the never-before told inside story on Microsoft security: www.sdlstory.com
Registration is now live for the Security Development Conference 2013, hosted in San Francisco, CA on May 14 – 15, 2013. If you register today you’ll save 50% off the normal registration fee.
This year’s conference will include keynote speakers Edna M. Conway, Chief Security Strategist, Cisco Systems Inc.; Brad Arkin, senior director, Security, Adobe products and services; and Scott Charney, corporate vice president, Trustworthy Computing, Microsoft Corp. Event tracks will include: Engineering for Secure Data, Security Development Lifecycle & Data Security, and Business Risk & Data Security. Track sessions will cover the latest in proven security development techniques that help reduce risk and protect organizations in the ever-changing technology landscape.
The Security Development Conference brings together IT security professionals to network, learn and discuss secure development best practices. Attendees from around the world will hear from leading security experts, build their professional networks, and learn how to implement or accelerate adoption of secure development practices within their own organizations.
For more information, I encourage you to check out the website at www.securitydevelopmentconference.com.
Steve LipnerPartner Director of Program ManagementMicrosoft Trustworthy Computing