[ISN] Black Hat: Microsoft Enhances SDL Offerings

From: InfoSec News <alerts_at_private>
Date: Thu, 4 Feb 2010 00:50:16 -0600 (CST)
http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=222601024

By Thomas Claburn
InformationWeek
February 3, 2010 

At the Black Hat security conference in Washington, D.C., on Tuesday, 
Microsoft introduced new software, a new membership program, and 
guidance to enhance its Secure Development Lifecycle (SDL) development 
methodology.

The software is the first public beta of MSF for Agile Software 
Development plus SDL Process Template for VSTS 2008, MSF-A+SDL for 
short, a template that helps development teams integrate SDL processes 
into their Visual Studio Team System development environment.

It is based on Microsoft's SDL-Agile processes, which aim to provide 
structure for development projects that happen on a more accelerated 
time line than the typical SDL project.

A version of the template for Visual Studio 2010 will be available 
shortly after Visual Studio 2010 is released in April.

Microsoft is also expanding its SDL Pro Network to include a new 
membership category called Tools. Organizations that join as Tools 
members provide services related to the deployment of security tools, 
like static analyzers, fuzzers, or binary analyzers.

The company announced seven new SDL Pro Network members: Fortify, 
Veracode, and Codenomicon in the Tools category; Booz-Allen Hamilton, 
Casaba Security, and Consult2Comply in the Consulting Member category; 
and Safelight Security Advisors in the Training Member category.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Wed Feb 03 2010 - 22:50:16 PST

This archive was generated by hypermail 2.2.0 : Wed Feb 03 2010 - 23:03:23 PST