By Thomas Claburn
February 3, 2010
At the Black Hat security conference in Washington, D.C., on Tuesday,
Microsoft introduced new software, a new membership program, and
guidance to enhance its Secure Development Lifecycle (SDL) development
The software is the first public beta of MSF for Agile Software
Development plus SDL Process Template for VSTS 2008, MSF-A+SDL for
short, a template that helps development teams integrate SDL processes
into their Visual Studio Team System development environment.
It is based on Microsoft's SDL-Agile processes, which aim to provide
structure for development projects that happen on a more accelerated
time line than the typical SDL project.
A version of the template for Visual Studio 2010 will be available
shortly after Visual Studio 2010 is released in April.
Microsoft is also expanding its SDL Pro Network to include a new
membership category called Tools. Organizations that join as Tools
members provide services related to the deployment of security tools,
like static analyzers, fuzzers, or binary analyzers.
The company announced seven new SDL Pro Network members: Fortify,
Veracode, and Codenomicon in the Tools category; Booz-Allen Hamilton,
Casaba Security, and Consult2Comply in the Consulting Member category;
and Safelight Security Advisors in the Training Member category.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News