Windows Vista Secure Development Lifecycle

The true question about Windows Vista security is are users going to experience the same improvements over Windows XP, as Windows Server 2003 delivered over Windows Server 2000. Microsoft has invested a great deal of effort and time, in bulletproofing Windows Vista. Security was one of the Redmond Company's core focuses with Windows Vista, and the latest release of the operating system has evolved in comparison to Windows XP.

First off, Windows Vista is the first Microsoft operating system to go through SDL - Secure development lifecycle. The SDL has a direct impact on limiting the volume of security-based design and coding defects but also to temper the severity of the code flaws that survive.

"Windows Vista is the first client-based operating system to go through the complete SDL from start to finish. Although no operating system is 100% secure, Windows Vista includes fundamental architectural changes that will help make customers more secure from evolving threats, including worms, viruses, and malware. These improvements minimize the operating system's attack surface area, which in turn improves system and application integrity and helps people more securely manage and isolate networks," commented Miclrosoft's Stephen Toulouse, senior program manager for the Trustworthy Computing Group.

The fact that Windows Vista was completely developed implementing SDL represents a guarantee that the operating system's development process has been modified to integrate a model resulting in improved security. In this context, SD is synonymous with Secure by Design, Secure by Default and Secure by Deployment and Communication.