The Security Development Lifecycle
Discover how to:
- Use a streamlined risk-analysis process to find security design issues before code is committed
- Apply secure-coding best practices and a proven testing process
- Conduct a final security review before a product ships
- Arm customers with prescriptive guidance to configure and deploy your product more securely
- Establish a plan to respond to new security vulnerabilities
- Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum.
Table of contents
- The Need for the SDL
- Enough Is Enough: The Threats Have Changed
- Current Software Development Methods Fail to Produce Secure Software
- A Short History of the SDL at Microsoft
- SDL for Management
- The Security Development Lifecycle Process
- Stage 0: Education and Awareness
- Stage 1: Project Inception
- Stage 2: Define and FollowDesign Best Practices
- Stage 3: Product Risk Assessment
- Stage 4: Risk Analysis
- Stage 5: Creating Security Documents, Tools, and Best Practices for Customers
- Stage 6: Secure Coding Policies
- Stage 7: Secure Testing Policies
- Stage 8: The Security Push
- Stage 9: The Final Security Review
- Stage 10: Security Response Planning
- Stage 11: Product Release
- Stage 12: Security Response Execution
- SDL Reference Material
- Integrating SDL with Agile Methods
- SDL Banned Function Calls
- SDL Minimum Cryptographic Standards
- SDL-Required Tools and Compiler Options
- Threat Tree Patterns
| Pages : | 348 |
| Size : | 20.7 MB |
| File type : | |
| Downloads: | 90 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Michael Howard, Steve Lipner |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others security Tutorials
Building the Infrastructure for Cloud Security
Security in Computer and Information Sciences
Web Application Security for Dummies - Qualys Limited Edition
Others related eBooks about The Security Development Lifecycle
How to configure Voice over IPThis pdf tutorial you will learn how to install, configure, and administer Voice over IP.free training document designated to beginners....
Hacking PortugalDownload free course Hacking Portugal, pdf file on 67 pages by Dinis Cruz....
Secrets of Network Cartography: A Comprehensive Guide to NmapEver wonder which Nmap scan was the right one to use? Thirteen different Nmap scans are profiled, with advantages, disadvantages, and usage guidelines for each one. Each scan method includes graphical scan descriptions and packet-by-packet analysis! - Nmap's operating system fingerprinting can pro...
An Introduction to Computer NetworksThis is a general-purpose textbook about computer networking, complete with diagrams and exercises. It is suitable as the primary text for an undergraduate or introductory graduate course in computer networking, or as a supplemental text for a wide variety of network-related courses. ...
Beginner's Guide to IP AddressesDownload free IP Adresses Beginner's Tutorial course material by ICANN on 12 pages....
Networking TechnologiesDownload free Netwoking technologies tutorial , course tutorial training on pdf under 222 pages by Raleigh Center....
Secrets of Network Cartography: A Comprehensive Guide to NmapDownload free eBook about Network cryptography and Nmap, Secrets of Network Cartography: A Comprehensive Guide to Nmap....
Firewall and Proxy ServerDownload free Firewall and Proxy Tutorial course material, tutorial training, PDF file by Mark Grennan on 40 pages...
Writing Native Mobile Apps in a Functional Language SuccinctlyDownload free course Writing Native Mobile Apps in a Functional Language Succinctly, pdf file on 129 pages by Vassili Kaplan....
Managing Risk and Information SecurityDownload free course Managing Risk and Information Security, pdf file on 152 pages by Malcolm Harkins....