This week Microsoft released a set of SDL (Secure Development Lifecycle) process templates designed to make it easier for software teams to integrate SDL into their development processes.    These templates integrate with Visual Studio Team System by adding SDL workflows and processes and providing the ability to measure and audit the results.

It can be difficult to transition from general SDL concepts and theory to actual workable processes.  Perhaps you read a book on SDL or an auditor told you that you need to perform SDL on your projects. How do you make the move from theory to practice?  These templates will let you hit the ground running by providing a strong basic SDL workflow that you can customize to your needs.

If your development team is already using Visual Studio Team System, I highly recommend you evaluate how these templates can help your project or team. And hey, they’re free! I always like free tools that make security simpler and easier to achieve.

Michael Oglesby

The Director of Tactical Security Services at TRUE, Michael specializes in security testing initiatives with vast network and application security assessment experience. He oversees a team of analysts in conducting SAST- and DAST-based services. Certifications include CISSP, CSSLP, QSA and CNSS 4011-4015. He is also the Verizon 2010 Data Breach Investigation Report Cover Challenge Winner and second place finisher in the 2011 competition.

Twitter - More Posts