Microsoft to share in-house security lessons

By Shaun Nichols on Sep 18, 2008 3:41PM
Microsoft to share in-house security lessons
The company said on Tuesday that it will be releasing the details on several of its in-house Secure Development Lifecycle (SDL) concepts as freely available tools.

The effort will initially consist of three programmes, each designed to bring Microsoft's newly-developed security policies to other vendors.

The first will be an auditing system known as the SDL Optimisation Model. The system will allow developers to obtain a general security overview on their products and find possible holes in the development process.

The second will be the formation of a security consultant network. The Pro Network will aim to connect software developers with security firms in order to build software which is better able to withstand attack.

Initially, this will be limited to a small test network, although the company hopes eventually to open registration to outside firms.

The third part of the programme will be a piece of software known as the SDL Threat Modeling Tool which models a developer's code and points out potential security holes within an application.

Each of the three programmes is based on Microsoft's SDL system launched in 2004. The system was Microsoft's attempt to improve its overall product security by implementing security measures in every facet of the development process, and was used to develop Vista and Office 2007.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
inhouse lessons microsoft security share to

Partner Content

How mandatory climate reporting is raising the bar for corporate leadership
How mandatory climate reporting is raising the bar for corporate leadership
Empowering Sustainability: Schneider Electric's Dedication to Powering Customer Success
Empowering Sustainability: Schneider Electric's Dedication to Powering Customer Success
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
Why Renew IT Is Different: Where Science, AI and Sustainability Redefine IT Asset Disposition
Why Renew IT Is Different: Where Science, AI and Sustainability Redefine IT Asset Disposition

Sponsored Whitepapers

Protect the data your business relies on
Protect the data your business relies on
Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.

Events

techpartner.news MSP index - Melbourne
techpartner.news MSP index - Melbourne
Pipeline 2026: Game Changers
Pipeline 2026: Game Changers

Most read articles

Why Kat McCrabb started with the hard stuff

Why Kat McCrabb started with the hard stuff
Rapid7’s new SIEM combines exposure management with threat detection

Rapid7’s new SIEM combines exposure management with threat detection
SentinelOne signs distribution agreement with Sektor

SentinelOne signs distribution agreement with Sektor
Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Log in

Email:
Password:
  |  Forgot your password?