[ISN] Black Hat: Microsoft Enhances SDL Offerings
InfoSec News
alerts at infosecnews.org
Thu Feb 4 00:50:16 CST 2010
http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=222601024
By Thomas Claburn
InformationWeek
February 3, 2010
At the Black Hat security conference in Washington, D.C., on Tuesday,
Microsoft introduced new software, a new membership program, and
guidance to enhance its Secure Development Lifecycle (SDL) development
methodology.
The software is the first public beta of MSF for Agile Software
Development plus SDL Process Template for VSTS 2008, MSF-A+SDL for
short, a template that helps development teams integrate SDL processes
into their Visual Studio Team System development environment.
It is based on Microsoft's SDL-Agile processes, which aim to provide
structure for development projects that happen on a more accelerated
time line than the typical SDL project.
A version of the template for Visual Studio 2010 will be available
shortly after Visual Studio 2010 is released in April.
Microsoft is also expanding its SDL Pro Network to include a new
membership category called Tools. Organizations that join as Tools
members provide services related to the deployment of security tools,
like static analyzers, fuzzers, or binary analyzers.
The company announced seven new SDL Pro Network members: Fortify,
Veracode, and Codenomicon in the Tools category; Booz-Allen Hamilton,
Casaba Security, and Consult2Comply in the Consulting Member category;
and Safelight Security Advisors in the Training Member category.
[...]
More information about the ISN
mailing list