.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

How Do They Do It?: A Look Inside the Security Development Lifecycle at Microsoft

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net

In this article, Microsoft security expert Michael Howard outlines how to apply the Security Development Lifecycle to your own software development processes. He explains how you can take some of the lessons learned at Microsoft when implementing SDL and use them in your own development process.

Michael Howard

MSDN Magazine November 2005

View Complete Post

More Related Resource Links

Resources for soup-to-nuts of website development lifecycle



 I'm looking for a website, or book, or some resource that can lead me down the path from website design to implementation/deployment. I know that covers a ton of material, but I am really looking for the bullet points, or high-lights, to make sure that I think of everything. I am mostly fuzzy on security measures and deployment since I haven't been involved in those aspects before.

Background:  I have been a programmer for many years, and with a little over 3 years' experience coding websites in vb.net/asp.net with sql server. Due to recent restructuring/layoffs at our firm, I find myself in the position of lead IT person - I'm feeling a bit underqualified but I feel this is my chance to work hard and step up to it. I'm very good at vb.net, master pages, css, asp.net, sql server. I'm worried that the person who was the lead before was doing a bunch of stuff that I'm not aware of...so I need to start learning more than just the code. I don't need lessons on how to code anything...I need to learn how it all gets put together - the next step up.

thanks for any suggestions!

Security Briefs: Add a Security Bug Bar to Microsoft Team Foundation Server 2010


Take a peek inside Microsoft's strict development security structure as Bryan Sullivan describes the objective security bug classification system?the "bug bar"?used by internal product and online services teams. He will show you how to incorporate this classification system into your own development environment using Microsoft Team Foundation Server 2010.

Bryan Sullivan

MSDN Magazine March 2010

CLR Inside Out: Exploring the .NET Framework 4 Security Model


The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.

Andrew Dai

MSDN Magazine November 2009

Inside Microsoft patterns & practices: Dependency Injection in Libraries


This article discusses how to write a library or framework that uses the Dependency Injection pattern and how the change in focus affects the usage of the pattern.

Chris Tavares

MSDN Magazine November 2009

Inside Microsoft patterns & practices: Building WPF and Silverlight Applications with a Single Code


This article discusses the Project Linker tool and other techniques to create applications that target both WPF and Silverlight from a single code base.

Erwin van der Valk

MSDN Magazine August 2009

Agile SDL: Streamline Security Practices For Agile Development


Bryan Sullivan discusses the new SDL for Web applications and Agile projects with more compressed release cycles.

Bryan Sullivan

MSDN Magazine November 2008

CLR Inside Out: Security In Silverlight 2


Andrew Dai of the CLR team discusses the Transparency model, which creates a strong isolation boundary between privileged and unprivileged code for Silverlight apps.

Andrew Dai

MSDN Magazine October 2008

Cutting Edge: Inside the Microsoft AJAX Library


Dino Esposito introduces the Microsoft AJAX Library and the JavaScript library for ASP.NET AJAX 1.0.

Dino Esposito

MSDN Magazine December 2007

Inside MSBuild: Compile Apps Your Way With Custom Tasks For The Microsoft Build Engine


Learn how you can use MSBuild to customize your builds. Since it ships as a part of the .NET Framework, you don't even need to have Visual Studio installed on your machine.

Sayed Ibrahim Hashimi

MSDN Magazine June 2006

ISA Server 2004: Developing an Application Filter for Microsoft Internet Security and Acceleration S


The beta version of Internet Security and Acceleration (ISA) Server 2004 is now publicly available. It includes a rich SDK with several extensibility mechanisms that allow third parties to integrate their specialized solutions on top of the ISA platform. In this article, the author explores the application filter extensibility mechanism, which enables you to add high-level application layer filtering capabilities to ISA Server and to provide rich content filtering solutions. He also highlights the new features of the ISA Server 2004 SDK, then moves on to describe how to develop a basic application filter that monitors all data going through the ISA Server, and how to integrate a filter into the ISA Server management console to create a seamless interface experience for your users.

Yigal Edery

MSDN Magazine March 2004

XSLT: Simplify Development and Maintenance of Microsoft .NET Projects with Code Generation Technique


Code generation techniques using technologies such as XSLT are playing an increasingly important part in software projects as they support the development of a rapidly maintainable code base. This article discusses some of the benefits and possible applications of code generation.To demonstrate these techniques the author develops a Web Forms application that supports the maintenance of records in a SQL Server database, using the database's own metadata to drive the generation process. The SQL Server database schema is extracted using SQLXML 3.0 data access and processed through XSLT stylesheets that generate both a database access layer and a Web Forms user interface with query and update pages.

Peter Ashley

MSDN Magazine August 2003

Chapter 4: Branding Your SharePoint Site (Professional Microsoft SharePoint 2007 Development Using M

Learn how to create your own custom site pages and insert Silverlight content into these pages, customize SharePoint lists and views, and insert Silverlight content into existing list views and custom views.

Chapter 6: Advanced Custom Web Parts (Professional Microsoft SharePoint 2007 Development Using Silve

This chapter builds on the Web Parts created in the previous chapter, adding more advanced features.

Chapter 3: SharePoint Developer Tools in Microsoft Visual Studio 2010 (Inside SharePoint 2010)

Learn what's new with the SharePoint developer platform from experts on Microsoft SharePoint Foundation 2010 and Microsoft SharePoint Server 2010.

Chapter 2: SharePoint Foundation Development (Inside SharePoint 2010)

Learn what's new with the SharePoint developer platform from experts on Microsoft SharePoint Foundation 2010 and Microsoft SharePoint Server 2010.

Chapter 1: SharePoint 2010 Developer Roadmap (Inside Microsoft SharePoint 2010)

Learn what's new with the SharePoint developer platform from experts on SharePoint Foundation 2010 and SharePoint Server 2010.

Video: Microsoft Office 2010 Development Tools

Visual Studio 2010, SharePoint Designer 2010, InfoPath 2010, and Access 2010 are tools a developer can use to build solutions for Office and SharePoint 2010. This video provides an introduction to these tools and how they have been greatly enhanced to support solution development. (Length: 4:38)
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend