Microsoft Security Development Conference 2012 highlights importance of SDL

Microsoft's Security Development Conference 2012, held in Washington D.C., brought together IT experts with a wide range of backgrounds to discuss security development lifecycle, a software development practice that ensures programs meet tight security standards.

Microsoft offers a set of free SDL tools and resources, which companies worldwide have utilized, according to eWeek. MidAmerican Energy implemented Microsoft SDL, and improved its security drastically within 350 days. It was the only unit within its parent company that third-party auditors found to be free from vulnerabilities.

"To see more and more private and public organizations recognize the value and importance of implementing secure development practices makes me cautiously optimistic that in the future software will be more secure than the software we’ve seen in the past," Steve Lipner, Partner Director of Program Management, Trustworthy Computing wrote in a Microsoft Trustworthy computing blog post.

According to Microsoft, effective SDL implementation happens in several phases. The first phase involves IT training in software security. After staff are successfully trained, IT should develop security requirements for the program and design the software to fill those requirements. Once the software is designed and implemented, effective SDL practice goes through a layered verification process to ensure the software is effective and meets all of the requirements that were originally outlined.

Learn More

• Find Your Local Center

Courses You may may be interested in

• Microsoft Exchange Server 2010
• Microsoft Exchange Server 2007
• Microsoft Sharepoint 2010
• Microsoft SharePoint 2007
• Microsoft SQL Server 2008
• Microsoft SQL Server 2005
• Microsoft Visual Studio 2010
• Microsoft Visual Studio 2008 and .NET
• Microsoft Windows 7
• Microsoft Windows Server 2008