Black Hat: Microsoft Enhances SDL Offerings

Black Hat: Microsoft Enhances SDL Offerings
Black Hat: Microsoft Enhances SDL Offerings 

By Thomas Claburn
February 3, 2010 

At the Black Hat security conference in Washington, D.C., on Tuesday, 
Microsoft introduced new software, a new membership program, and 
guidance to enhance its Secure Development Lifecycle (SDL) development 

The software is the first public beta of MSF for Agile Software 
Development plus SDL Process Template for VSTS 2008, MSF-A+SDL for 
short, a template that helps development teams integrate SDL processes 
into their Visual Studio Team System development environment.

It is based on Microsoft's SDL-Agile processes, which aim to provide 
structure for development projects that happen on a more accelerated 
time line than the typical SDL project.

A version of the template for Visual Studio 2010 will be available 
shortly after Visual Studio 2010 is released in April.

Microsoft is also expanding its SDL Pro Network to include a new 
membership category called Tools. Organizations that join as Tools 
members provide services related to the deployment of security tools, 
like static analyzers, fuzzers, or binary analyzers.

The company announced seven new SDL Pro Network members: Fortify, 
Veracode, and Codenomicon in the Tools category; Booz-Allen Hamilton, 
Casaba Security, and Consult2Comply in the Consulting Member category; 
and Safelight Security Advisors in the Training Member category.


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods