
Security Development Lifecycle SDL - A Process for Developing Demonstrably More Secure Software


ISBN-10: 0735622140

ISBN-13: 9780735622142

Edition: 2006 (Revised)

Authors: Michael Howard, Steve Lipner

List price: $34.99

Description:

With expert insights, this introduction to the Security Development Lifecycle (SDL) provides you with a history of the methodology and guides you through each stage of the proven process--from design to release--that helps minimize security defects. The software industry has been struggling with how to create and release software that is more security-enhanced and reliable--the Security Development Lifecycle (SDL) provides a methodology that works. Adapted from Microsoft's standard development process, SDL is a critical way to help reduce the number of security defects in code at every stage of the development process, from design to release. In addition to a brief history of the…    

Book details

List price: $34.99
Copyright year: 2006
Publisher: Pearson Education
Publication date: 5/31/2006
Binding: Paperback
Pages: 352
Size: 7.50" wide x 9.00" long x 1.00" tall
Weight: 1.584
Language: English

Steve Lipner, CISSP, is the senior director of Security Engineering Strategy for Microsoft. He is responsible for defining and updating the Security Development Lifecycle and has pioneered numerous security techniques. Steve has over 35 years' experience as a researcher, development manager, and general manager in IT security.

Foreword
Introduction
The Need for the SDL
Enough Is Enough: The Threats Have Changed
Current Software Development Methods Fail to Produce Secure Software
A Short History of the SDL at Microsoft
SDL for Management
The Security Development Lifecycle Process
Stage 0: Education and Awareness
Stage 1: Project Inception
Stage 2: Define and Follow Design Best Practices
Stage 3: Product Risk Assessment
Stage 4: Risk Analysis
Stage 5: Creating Security Documents, Tools, and Best Practices for Customers
Stage 6: Secure Coding Policies
Stage 7: Secure Testing Policies
Stage 8: The Security Push
Stage 9: The Final Security Review
Stage 10: Security Response Planning
Stage 11: Product Release
Stage 12: Security Response Execution
SDL Reference Material
Integrating SDL with Agile Methods
SDL Banned Function Calls
SDL Minimum Cryptographic Standards
SDL-Required Tools and Compiler Options
Threat Tree Patterns
Appendix : Appendix