Skip to main content

Microsoft SDL Design Phase: Security Practices


About This Video

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains how designing secure systems sometimes requires thinking “backwards” - instead of focusing on features of what the system should do, one should think of what the system should NOT do. Taking this as a departing point, Joe dives into a discussion of foundational design principles of building secure software, including least privilege, compartmentalization, input validation, auditing and logging, cryptography and avoiding the “Not Invented Here” trap.

Related resources:


Published Date: December 09, 2010
Presented By: Joe Basirico