Company will introduce SDL Threat Modeling Tool 3.0, an evolution of the Trustworthy Computing initiative.
Microsoft wants to take what it has learned about secure software development in-house and share its insights with others.
The company on Tuesday will offer up guidance and a tool based on Security Development Lifecycle (SDL), a security assurance process unveiled in 2004 and serving as an evolution of the company's Trustworthy Computing initiative. Deliverables include Microsoft SDL Threat Modeling Tool 3.0, for structured analysis of security and privacy issues; Microsoft SDL Optimization Model, for assessing security, and Microsoft SDL Pro Network, offering security guidance and SDL best practices. All will be available in November.
"What we're doing [what is] called SDL for the development ecosystem," said Steve Lipner, Microsoft senior director of security engineering strategy, during a meeting at InfoWorld' San Francisco offices last week.
Analyst data, Lipner said, has shown that 10 percent of organizations test for security during the implementation phase of software, 20 percent test during the verification phase, and 70 percent wait until the software already is in use. "What that means is that basically, you're putting it out there hoping nobody will break into it," he said.
Read More Article...
Friday, September 19, 2008
Microsoft Seeks Secure Software Development
Subscribe to:
Post Comments (Atom)
Useful Resources:
Software Development OutsourcingOutsourcing Services
1 comment:
Recently I hired the services for Custom Printed Circuit Board (PCB) design from Teligy. http://www.teligy.com/Services/Device_Drivers.html was provided with the exact requirements and that too at affordable prices! I recommend that you should definitely visit their home page and have a look at their services. They are truly awesome.
Post a Comment