14 DAY TRIAL // Microsoft is streamlining the process associated with third-party developers embracing the company's Security Development Lifecycle for their applications. The Microsoft SDL Process Template is the latest example of the Redmond company's commitment to ensuring that secure code practices are in no way limited to its software products. In this regard, the Microsoft SDL Process Template follows the availability of the Microsoft SDL Process Guidance documentation, the SDL Optimization Model, The SDL Threat Modeling Tool, and the SDL Pro Network. However, this time the focus is more hands-on, specifically related to Visual Studio.
“Microsoft released the SDL Process Template for Visual Studio Team System, making it easier for application developers to create more secure and privacy-enhanced applications. Derived from the Security Development Lifecycle (SDL), Microsoft’s industry leading software security assurance process, this new tool is now available for download at no cost on MSDN,” revealed David Ladd, principal security program manager of Microsoft’s Security Development Lifecycle team.
After implementing SDL to secure its own platforms including Windows and Office, Microsoft is looking to provide third-party developers with the tools, resources and guidance necessary to bulletproof, as much as possible, their applications. With the SDL Process Template developers are getting not only SDL guides, but also “auditable security requirements and reports,” Ladd added, underlining that the template could be leveraged by both security experts and non-experts, with the end purpose of keeping users protected.
“Developers not running on the Visual Studio platform can still leverage Microsoft’s freely available SDL technologies, processes and tools with today’s release of the SDL Documentation version 4.1. This documentation mirrors Microsoft’s own internal security and privacy processes and has been updated to reflect new guidance on online services and line of business applications,” Ladd said.
The Microsoft SDL Process Template is designed to integrate seamlessly into Visual Studio Team System, and in this regard, requires a Team Foundation Server for management.
The Microsoft SDL Process Template for Visual Studio Team System is available for download here.