Security Development Lifecycle for Agile

Posted By: Trustworthy Computing | Dec 9th, 2009 @ 4:55 PM | 14,696 Views | 20 Comments

Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are still developed in a secure manner.

 

Many development organizations use Agile software development methodologies to build their applications, yet Agile – just like every other development methodology – does not inherently produce secure deliverables. Secure development practices need to be “baked-in” throughout every iteration or sprint. The Security Development Lifecycle for Agile (SDL-Agile) process defines a set of activities that development teams can follow to reduce security vulnerabilities. SDL-Agile also specifies the conditions and frequencies with which these activities should be performed, in order to optimize the security of the delivered product and to ensure that teams have the time and freedom to innovate and create new features.

 

You can find additional information on SDL-Agile here: http://msdn.microsoft.com/en-us/library/ee790621.aspx
Rating:
0
0
#Jan 3rd @ 7:35 PM
AlyshaArseneau
AlyshaArseneau
alysha

What I like about agile software development is that its a highly disciplined approach that emphasizes recursive processes, self organization, and active stakeholder co-op, minimizing waste through a "just enough and in-time" approach. Its shorter, compendious, brief and to the point. Good thing I read the paper writing and gave it a shot!

#Jan 18th @ 4:13 AM
Marcoss
Marcoss

Your in-depth, expert guide to the proven process that helps reduce security bugs.
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (otimização de sites). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL (acompanhantes)—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization like this projects (desentupidora, grafica and cabos eletricos).

#Mar 14th @ 12:16 AM
masini
masini

However, it knows where you work in teams. I think that's important. If not working on team results are well below expectations.

From tractoare de vanzare si tractari auto Mihai Bogdan

#Mar 15th @ 6:44 AM
noak
noak

Silverlight, what a great product! Love it very much! I want to share this article and video to my blogs about science and investments.

#Mar 17th @ 1:12 AM
kevin.anchi
kevin.anchi

Security has always been a main concern of the IT industry, ensure applications developed with rapid release cycles are still developed in a secure manner is a challenging task.......

 

Regards,

Custom Iron Gates

#Mar 26th @ 10:11 PM
Olsen
Olsen

Security has been al my concern since I am working with sensitive data.

Projects: Desentupidora | Hoteis em Sao Paulo | Oi Torpedo