Mar 31, 2011 15:50 GMT

Now at version 5.1, Microsoft’s Security Development Lifecycle has been available outside of the company, to all third-party developers, for a few years. SDL is part of the software giant’s focus on increasing the security of its software products, and an extremely successful one at that, considering releases such as Windows Vista and Windows 7.

But SDL is not about offering a silver bullet solution to security problems. Instead, Microsoft focused on a more realistic goal: ensuring that the number of vulnerabilities in products is reduced to a minimum, and that those flaws that remain undetected pose as low a risk as possible to customers.

Customers who want to gain insight into SDL, going back to even before it was embraced by the Redmond company, can do so via a new whitepaper offered free of charge through the Microsoft Download Center.

“The SDL is a security assurance process that focuses on software development and introduces security and privacy throughout all phases of the development process,” revealed Steve Lipner, Senior Director of Security Engineering Strategy, Trustworthy Computing Security, Microsoft.

“The SDL has been a company-wide mandatory policy since 2004. It combines a holistic and practical approach to reducing the number and severity of vulnerabilities in Microsoft products and services, and thus limits the opportunities for attackers to compromise computers.”

As SDL matured, Microsoft started sharing it with the world free of charge. Developers can adopt SDL to increase the security of their products whether they work in a small team inside a startup or in a large software company that can invest heavily in bulletproofing its products.

Devs who are still raising an eyebrow when hearing about SDL need to download the documentation offered by Microsoft and read details about its evolution, adoption, inherent benefits, etc.
