Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: July 13, 2020 (June 8, 2009)

  Analyst Report

Template Guides Development of Secure Code

My Atlas / Analyst Reports

606 wordsTime to read: 4 min
Rob Sanfilippo by
Rob Sanfilippo
Rob Sanfilippo by
Rob Sanfilippo

Before joining Directions on Microsoft, Rob worked at Microsoft for 14 years where he designed technologies for Microsoft products and... more

The free Security Development Lifecycle (SDL) Process Template for Visual Studio Team System (VSTS), which became available in May 2009, could help development teams use the same practices Microsoft uses internally to minimize security vulnerabilities in software. The template can be applied to a VSTS project to add security-related objects, such as work items, guidance documents, check-in policies, and reports, into the VSTS development environment. However, the template does not leverage new functionality in VSTS 2010, which will probably arrive in the first half of 2010.

Reducing Application Vulnerabilities

SDL is a mandatory set of practices Microsoft uses during software development to minimize security vulnerabilities in its products. They include the following:

  • Developing threat models early in the process to ensure the product team mitigates the threats in design, coding, and testing
  • Using code-scanning tools during development and testing to help find commonly exploited

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now