The Security Development Lifecycle
Discover how to:
- Use a streamlined risk-analysis process to find security design issues before code is committed
- Apply secure-coding best practices and a proven testing process
- Conduct a final security review before a product ships
- Arm customers with prescriptive guidance to configure and deploy your product more securely
- Establish a plan to respond to new security vulnerabilities
- Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum.
Table of contents
- The Need for the SDL
- Enough Is Enough: The Threats Have Changed
- Current Software Development Methods Fail to Produce Secure Software
- A Short History of the SDL at Microsoft
- SDL for Management
- The Security Development Lifecycle Process
- Stage 0: Education and Awareness
- Stage 1: Project Inception
- Stage 2: Define and FollowDesign Best Practices
- Stage 3: Product Risk Assessment
- Stage 4: Risk Analysis
- Stage 5: Creating Security Documents, Tools, and Best Practices for Customers
- Stage 6: Secure Coding Policies
- Stage 7: Secure Testing Policies
- Stage 8: The Security Push
- Stage 9: The Final Security Review
- Stage 10: Security Response Planning
- Stage 11: Product Release
- Stage 12: Security Response Execution
- SDL Reference Material
- Integrating SDL with Agile Methods
- SDL Banned Function Calls
- SDL Minimum Cryptographic Standards
- SDL-Required Tools and Compiler Options
- Threat Tree Patterns
| Pages : | 348 |
| Size : | 20.7 MB |
| File type : | |
| Downloads: | 108 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Michael Howard, Steve Lipner |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others security Tutorials
Platform Embedded Security Technology Revealed
Platform Embedded Security Technology Revealed
Guide to Computer Network Security, 4th Edition
Web Application Security for Dummies - Qualys Limited Edition
Others related eBooks about The Security Development Lifecycle
Neural Networks and Deep LearningThis book covers both classical and modern models in deep learning. The chapters of this b..., download free Neural Networks tutorial in PDF (512 pages) created by Charu C. Aggarwal ....
Platform Embedded Security Technology RevealedDownload free course Platform Embedded Security Technology Revealed, pdf file on 263 pages by Xiaoyu Ruan....
Rational Cybersecurity for BusinessDownload free course Rational Cybersecurity for Business, pdf file on 349 pages by Dan Blum....
An Introduction to Computer NetworksDownload free course An Introduction to Computer Networks, pdf file on 896 pages by by Peter L Dordal....
Configuring VoIP Call Setup MonitoringDownload tutorial about configuring VoIP call and setup monitoring, it's a free training document material in 14 pages by Scisco designated to intermediate level users....
Hacking PortugalDownload free course Hacking Portugal, pdf file on 67 pages by Dinis Cruz....
Linux Network Administrators GuideThis tutorial provides a best reference for network administration in a Linux environment ,a complet training document under 505 pages for free download....
Cisco ACE to NginxDownload free course Cisco ACE to Nginx, pdf file on 51 pages by Faisal Memon....
Voice over IP overview in pdfDownload free training tutorial in pdf about VoIP (Voice over IP),document in 46 pages designated to intermediate level-users....
Windows PowerShell Networking GuideDownload free course Windows PowerShell Networking Guide, pdf file on 74 pages by Ed Wilson....