Best State of Art IT Security Solutions
The best Innovative and powerful IT Security products

You are here: SecPoint & IT Security News

Microsoft Tool for Secure Development Will it work?

Microsoft recently developed a Security Development Lifecycle (SDL) tool responsible for assisting programmers to integrate the knowledge amassed through SDL into their software development environment. SDL is the corporation's patented process that ensures your applications are as secure and error-free as possible. SDL is a very important part of all the software and operating systems developed by the company since 2004.

Microsoft previously released the recommendations and specifications of SDL in the form of written documentation in order to let non-Microsoft developers make use of their process. However, being able to adapt a development process to accommodate SDL proved painstaking and arduous. Therefore, the company has opted to release an SDL Process Template tool for the Visual Studio Team System that maps SDL 4.1 in its totality.

Microsoft allowing developers to easily perform secure development

According to a report that Glenn Pittaway (the Group Program Manager for the SDL team) submitted to Heise Security, the source code must be present in Visual Studio in order for the template to be of any use. Regardless, he acknowledges that Microsoft has done everything in its power to make the tool as simple as possible for Visual Studio Team System developers to adopt SDL. Even programmers lacking certain security skills should, says Pittaway, be able to write secure code using the process.

Pittaway wasn't able to disclose whether Microsoft should be offering templates for other software development environments, stating instead that he and his cohorts were waiting for comments and suggestions from the developer community and might provide versions that weren't exclusive to Visual Studio if there were a demand for them. He noticed that Microsoft's SDL 4.1 has fervently focused on online applications. However, web services and local applications that are continuously or regularly connected online compel a whole new set of security requirements. Consequently, the SDL development team has placed a strong emphasis on that particular area of improvement.

Developers that want to center their own programming process on SDL can adapt its long list of specs and recommendations to their own requirements and steer clear of the process steps that are irrelevant to their projects. The template allows each job (such as fixing an error in the source code) to be assigned to a specific person or team. Also, SDL makes it easy to keep track of the progress of any undertaking. With SDL's help, generating reports and statistics that can be used to examine the performance of external bug-detecting applications is a relative breeze.

Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software

SecPoint is specialized to deliver the best IT security solutions and products.

Compatible with Product
Securely protected by SecPoint
Customer reference King Customer reference New York Customer reference ROC Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef Customer reference King Customer reference New York Customer reference Roc Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef