Microsoft’s “Baking Security In”
February 19, 2009
Posted by baldricman in Tech.
Tags: development, lifecycle, microsoft, SDL, SDLC, security, software
Well, if ever you feel guilty about reading comics at work (pffft!), then today you can rest easy… Microsoft, having a rather colourful history in all things security-related, have in reality made good progress over the years (in typical MS fashion of course: release the worst Product X known to man, copying all others… but eventually, eventually, they reach the top of their game and have a fantastic Product X (albeit 8 years and 15 versions later…)). Anyway, I digress:
They have created an innovative narrative to sell their “Baking Security In” concept or methodology, which is really what they call the “Security Development Lifecycle”: a series of 14 steps or processes tightly interwoven in their 6-step Software Development Lifecycle. What is interesting about it is that they’ve taken the route of creating characters and accompanying comic strips to tell the story of a software dev team etc. I recommend checking out the following link to Baking Security In.
Don’t be fooled into thinking it’s all ground-breaking stuff (when last did THAT happen in IT anyway?), but I think it’s a good thing to go over for any dev team, even if it is just to raise awareness of the concepts, and not to actually implement. I’ll be taking a closer look at the details as soon as I can (Non-cartoony SDL can be found here), but so far, it seems to have some great principles and tips described…