The Security Development Lifecycle
Discover how to:
- Use a streamlined risk-analysis process to find security design issues before code is committed
- Apply secure-coding best practices and a proven testing process
- Conduct a final security review before a product ships
- Arm customers with prescriptive guidance to configure and deploy your product more securely
- Establish a plan to respond to new security vulnerabilities
- Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum.
Table of contents
- The Need for the SDL
- Enough Is Enough: The Threats Have Changed
- Current Software Development Methods Fail to Produce Secure Software
- A Short History of the SDL at Microsoft
- SDL for Management
- The Security Development Lifecycle Process
- Stage 0: Education and Awareness
- Stage 1: Project Inception
- Stage 2: Define and FollowDesign Best Practices
- Stage 3: Product Risk Assessment
- Stage 4: Risk Analysis
- Stage 5: Creating Security Documents, Tools, and Best Practices for Customers
- Stage 6: Secure Coding Policies
- Stage 7: Secure Testing Policies
- Stage 8: The Security Push
- Stage 9: The Final Security Review
- Stage 10: Security Response Planning
- Stage 11: Product Release
- Stage 12: Security Response Execution
- SDL Reference Material
- Integrating SDL with Agile Methods
- SDL Banned Function Calls
- SDL Minimum Cryptographic Standards
- SDL-Required Tools and Compiler Options
- Threat Tree Patterns
| Pages : | 348 |
| Size : | 20.7 MB |
| File type : | |
| Downloads: | 105 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Michael Howard, Steve Lipner |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others security Tutorials
Security Infrastructure Technology for Integrated Utilization of Big Data
Others related eBooks about The Security Development Lifecycle
VoIP Tutorial in PDFThis pdf tutorial discusses the advantages and disadvantages of using VoIP services, focusing primarily on security issues that may affect those who are new to VoIP....
WLAN network basicsDownload free WLAN network basics Systems (example:802.11 WLAN Systems) course material, tutorial training, a PDF file under 53 pages by veriwave....
The Complete Windows Network Troubleshooting GuideThis is a free Network PDF tutorial in 4 chapters and 38 pages. This course aims to give students solutions for the most popular Network issues and Troubleshooting....
Linux Network Administrators GuideThis tutorial provides a best reference for network administration in a Linux environment ,a complet training document under 505 pages for free download....
Why Should I Care? Mobile Security for The Rest of UsDownload free course Why Should I Care? Mobile Security for The Rest of Us, pdf file on 46 pages by Veracode....
Network TopologiesDownload free network topologies tutorial course material and training in PDF file under 4 pages by Maninder Kaur....
PC Assembly LanguageDownload free course PC Assembly Language, pdf file on 190 pages by Paul A. Carter....
Neural Networks and Deep LearningDownload free course Neural Networks and Deep Learning, pdf file on 512 pages by Charu C. Aggarwal....
Security Infrastructure Technology for Integrated Utilization of Big DataDownload free course Security Infrastructure Technology for Integrated Utilization of Big Data, pdf file on 171 pages by Atsuko Miyaji, Tomoaki Mimoto....
Creating a Production Launch PlanDownload free course Creating a Production Launch Plan, pdf file on 45 pages by Alec Warner, Vitaliy Shipitsyn, Carmela Quinito....