Introduction to the Microsoft Security Development Lifecycle

Overview | Laptop

Overview

In this introductory class, you will learn the history of the SDL at Microsoft and its goals and benefits that can be applied to your organization. Each of its seven phases will be introduced to you in detail.

You will also learn why it is so critical for any development organization to embed security and privacy into software development and culture.

Basics of Secure Design, Development and Test

This course covers the basic security principles and tasks associated with the design, implementation, and testing phases of the SDL. These principles correspond to the minimum requirements for producing secure products.

You will first be introduced to the Microsoft Security Development Lifecycle (SDL), then we will briefly review secure design, development, and test concepts. Finally, we will explore the security issues that arise if these design, coding, and test principles are not properly applied.

Introduction to Threat Modeling

In this section, you will learn the benefits of threat modeling in the design phase of software development. You will learn how to threat model step by step.

This class includes a practical exercise and a demo of Microsoft's free, downloadable SDL Threat Modeling Tool.

Privacy in Software Development

In this section, you will get an outline of how to build privacy into software products and services, including online products and services. You will be able to describe the principles and impacts of privacy compliance, as well as define best practices for collecting, storing, and using personal data.

Additional information: http://www.sans.org/sdl.php

Laptop

null