Microsoft SDL Design Phase: Security Practices
In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains how designing secure systems sometimes requires thinking “backwards” - instead of focusing on features of what the system should do, one should think of what the system should NOT do. Taking this as a departing point, Joe dives into a discussion of foundational design principles of building secure software, including least privilege, compartmentalization, input validation, auditing and logging, cryptography and avoiding the “Not Invented Here” trap.
Published Date: December 09, 2010
Presented By: Joe Basirico
Tags: TechNet Edge , Zune , IPOD , Joe Basirico , TwC , Trustworthy Computing , SDL , Security Development Lifecycle , Videos , SDL Pro Network , Security Innovation