Microsoft publishes report on its Security Development Lifecycle

Microsoft has published a new report that outlines nine years of progress in developing, improving and sharing the Security Development Lifecycle (SDL) process.

Microsoft has published a new report that outlines nine years of progress in developing, improving and sharing the Security Development Lifecycle (SDL) process.

The SDL Progress Report is aimed showing IT business decision-makers the links between secure development, reduced attacks and business efficiencies.

Using both internal and external information, the report concludes that adopting secure development processes, like the SDL, can lead to the earlier identification of vulnerabilities and offset the costly cycle of addressing vulnerabilities at the end of the development cycle or after an attack.

The report also shows how combining technology and processes can enhance the benefits of secure development.

"We hope you find valuable information on secure development lessons learned at Microsoft, how we've applied security science, and the correlation between holistic security processes, risk reduction, and organisational efficiency," Microsoft's SDL team said in a blog post.

According to the team, one of the most important leessons has been that security threats are not static.

For this reason, work on developing secure software and evolving the SDL to stay ahead of complex attacks will never be done, they said, but the team believes its SDL tools and processes add value and should be shared broadly with the security ecosystem.

"A collective effort is needed to meet the threat to computer users worldwide," they said.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close