Microsoft spent years shaping the requirements, tooling and cultural changes that have become indispensable parts of its Security Development Lifecycle. Today, the SDL is being revised to address emerging security threats, as well as new computing styles and paradigms that are changing the process of how Microsoft creates its software, said Steve Lipner, Microsoft's senior director of security engineering strategy.
The SDL is a mandatory process used internally at Microsoft during the development of its products, and Microsoft began to share its SDL expertise and tooling with customers last year.
|