Microsoft Releases Secure Development Lifecycle Tools

Microsoft Corp. has upped the ante to counter the ever-surging cyber attacks by launching a couple of tools to allow software developers to produce secure codes in an improved manner.

The software giant used the Black Hat DC security symposium in Washington D.C. to announce the recent public releases of elements of its Security Development Lifecycle (SDL) program.

Introduced back in 2004, the SDL help developers to standardise safe and secure development practices across the complete range of software products.

One of the tools is a step-by-step manual designed to assist software development groups of any siz to embrace the SDL without pouring in extra investment or minimising time to market.

Discussing about the guide, David Ladd, Microsoft’s chief security program manager, said: “The guide sets out how any development team, even teams of eight to ten developers, can implement the SDL”.

Another tool by Microsoft is the beta iteration of a downloadable template for the company’s Visual Studio 2008 for employing SDL techniques to agile software development procedure.

The template is designed to make sure that any code used by the developers must comply with standard SDL practices and automatically checks various other manual processes, like threat modelling, to bring them into notice.

Our Comments

Microsoft is quietly making sure that all its developer products are as secure as possible. This will possibly ensure that Microsoft becomes less vulnerable in the future as developers embrace and use the tools. More importantly though, it is the end users that have been responsible for most security issues.

Related Links

Microsoft releases free SDL tools at Black Hat DC

(Network World)

Microsoft security dev tools go 'Agile'

(Register)

Microsoft releases free SDL tools at Black Hat DC

(Computer Weekly)

Microsoft shares its SDL tools and expertise with the developer community

(Security Park)

Microsoft enhances SDL

(InfoSecurity)