The Security Development Lifecycle
Discover how to:
- Use a streamlined risk-analysis process to find security design issues before code is committed
- Apply secure-coding best practices and a proven testing process
- Conduct a final security review before a product ships
- Arm customers with prescriptive guidance to configure and deploy your product more securely
- Establish a plan to respond to new security vulnerabilities
- Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum.
Table of contents
- The Need for the SDL
- Enough Is Enough: The Threats Have Changed
- Current Software Development Methods Fail to Produce Secure Software
- A Short History of the SDL at Microsoft
- SDL for Management
- The Security Development Lifecycle Process
- Stage 0: Education and Awareness
- Stage 1: Project Inception
- Stage 2: Define and FollowDesign Best Practices
- Stage 3: Product Risk Assessment
- Stage 4: Risk Analysis
- Stage 5: Creating Security Documents, Tools, and Best Practices for Customers
- Stage 6: Secure Coding Policies
- Stage 7: Secure Testing Policies
- Stage 8: The Security Push
- Stage 9: The Final Security Review
- Stage 10: Security Response Planning
- Stage 11: Product Release
- Stage 12: Security Response Execution
- SDL Reference Material
- Integrating SDL with Agile Methods
- SDL Banned Function Calls
- SDL Minimum Cryptographic Standards
- SDL-Required Tools and Compiler Options
- Threat Tree Patterns
| Pages : | 348 |
| Size : | 20.7 MB |
| File type : | |
| Downloads: | 69 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Michael Howard, Steve Lipner |
Others security Tutorials
Intrusion Detection Systems with Snort
Others related eBooks about The Security Development Lifecycle
An Introduction to Computer NetworksDownload free course An Introduction to Computer Networks, pdf file on 896 pages by by Peter L Dordal....
Computer Networking : Principles, Protocols and PracticeThis is an ongoing effort to develop an open-source networking textbook that could be used for an in-depth undergraduate or graduate networking courses. ...
Firewall securityDownload free Firewall Tutorial course material, tutorial training, PDF file by Cisco Systems on 21 pages....
Security in Computer and Information SciencesDownload free course Security in Computer and Information Sciences, pdf file on 169 pages by Erol Gelenbe, Paolo Campegiani, Tadeusz Czachórski, Sokratis Katsikas, Ioannis Komnios, Luigi Romano, Dimitrios Tzovaras....
Platform Embedded Security Technology RevealedDownload free course Platform Embedded Security Technology Revealed, pdf file on 263 pages by Xiaoyu Ruan....
Zabbix 1.8 Network MonitoringImagine you're celebrating the start of the weekend with Friday-night drinks with a few fr..., download free Network Monitoring tutorial in PDF (428 pages) created by Rihards Olups ....
Secrets of Network Cartography: A Comprehensive Guide to NmapDownload free eBook about Network cryptography and Nmap, Secrets of Network Cartography: A Comprehensive Guide to Nmap....
Download Hacking tutorial in PDFThis tutorial is about testing penetration and ethical hacking, designed to students. Free training document in PDF under 47 pages by Dr. Bruce V. Hartley....
An Introduction to Computer NetworksThis is a general-purpose textbook about computer networking, complete with diagrams and exercises. It is suitable as the primary text for an undergraduate or introductory graduate course in computer networking, or as a supplemental text for a wide variety of network-related courses. ...
Guide to Computer Network Security, 4th EditionThis definitive text/reference on computer network and information security presents a com..., download free Network Security tutorial in PDF (572 pages) created by Joseph Migga Kizza ....