Microsoft juices Visual Studio with secure coding tools
- 03 February, 2010 08:46
- Comments
Microsoft Tuesday said it will deepen ties between its Visual Studio development tools and the secure applications development processes first developed inside the company and now available to outsiders.
Microsoft will upgrade its Security Development Lifecycle (SDL) process with templates, new partners and supporting documentation. The company made the announcement at the Black Hat Conference taking place in Washington, D.C.SDL, which was born from a 2002 Bill Gates mandate on secure code, is a process Microsoft has used since 2004 to develop software.
The process includes development of threat models during software design, the use of code-scanning tools during implementation, and code reviews and security testing.
Microsoft Tuesday said it would shortly release a beta of a template for rapid applications development that works with Visual Studio Team System 2008/Team Foundation Server and integrates SDL with the Microsoft Solutions Framework (MSF) and Agile development practices. Agile development is based on process management with multiple check-ups on the work along the way. The final release will come before the end of June.
The template automatically creates workflow items to meet SDL security requirements each time code is checked in to the server. There is also an analyzer feature to ensure code meets SDL guidelines.
In addition, Microsoft has created a Reader's Digest version of the implementation guidelines for the SDL, focusing on the fact that SDL applies beyond Windows and shrink-wrapped software and does not require Microsoft specific tools.
Microsoft also said it was expanding its lineup of partners that help users implement SDL, including a new tools category. New for the tools category are Fortify, Veracode and Codenomicon, the new training member is Safelight Security Advisors and the new consulting members are Booz-Allen Hamilton, Casaba Security and Consult2Comply.
- Bookmark this page
- Share this article
- Got more on this story? Email TechWorld
- Follow TechWorld on twitter
-
Review: FitBit Ultra
-
US man convicted for helping thousands steal Internet service
-
Replicant developer interview: Building a truly free Android
-
Myspace settles FTC privacy complaint
-
Jailbreak of Apple iOS 5.1.1 due 'in days'
-
Windows 7 for Dummies® Dvd+book Bundle
-
Computers for Seniors for Dummies, 2nd Edition
-
Office 2007 All-In-One Desk Reference for Dummies
-
Windows 7 for Dummies®
-
Excel 2007 All-In-One Desk Reference for Dummies
-
MYOB Software for Dummies 6E Australian Edition
-
Office 2007 for Dummies
-
Teach Yourself Visually Windows 7
-
Microsoft Office
Comments
Post new comment