Security Development Lifecycle for Agile
Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are still developed in a secure manner.
Many development organizations use Agile software development methodologies to build their applications, yet Agile – just like every other development methodology – does not inherently produce secure deliverables. Secure development practices need to be “baked-in” throughout every iteration or sprint. The Security Development Lifecycle for Agile (SDL-Agile) process defines a set of activities that development teams can follow to reduce security vulnerabilities. SDL-Agile also specifies the conditions and frequencies with which these activities should be performed, in order to optimize the security of the delivered product and to ensure that teams have the time and freedom to innovate and create new features.
You can find additional information on SDL-Agile here: http://msdn.microsoft.com/en-us/library/ee790621.aspx
Published Date: December 09, 2009
Presented By: Trustworthy Computing
Tags: TechNet Edge , TwC , SDL , Security Development Lifecycle , Videos , English , Trustworthy Computing , Zune , iPod