The Security Development Lifecycle

  • Number of pages: 330 pages
  • Publication date: 15/06/2006
  • EAN13: 9780735622142

Print book

30.79 €



Your in-depth, expert guide to the proven process that helps reduce security bugs.

Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs: the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL, from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.

Discover how to:

  • Use a streamlined risk-analysis process to find security design issues before code is committed
  • Apply secure-coding best practices and a proven testing process
  • Conduct a final security review before a product ships
  • Arm customers with prescriptive guidance to configure and deploy your product more securely
  • Establish a plan to respond to new security vulnerabilities
  • Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum

Includes a CD featuring:

  • A six-part security class video conducted by the authors and other Microsoft security experts
  • Sample SDL documents and fuzz testing tool

PLUS: Get book updates on the Web.


  • The Need for the SDL
    • Enough is enough: the threats have changed
    • Current software development methods fail to produce secure software
    • A short history of the SDL at Microsoft
    • SDL for management
  • The Security Development Lifecycle Process
    • Stage 0: education and awareness
    • Stage 1: project inception
    • Stage 2: define and follow design best practices
    • Stage 3: product risk assessment
    • Stage 4: risk analysis
    • Stage 5: creating security documents, tools, and best practices for customers
    • Stage 6: secure coding policies
    • Stage 7: secure testing policies
    • Stage 8: the security push
    • Stage 9: the final security review
    • Stage 10: security response planning
    • Stage 11: product release
    • Stage 12: security response execution
  • SDL Reference Material
    • Integrating SDL with agile methods
    • SDL banned function calls
    • SDL minimum cryptographic standards
    • SDL-required tools and compiler options
    • Threat tree patterns


Publisher(s): Microsoft Press
Author(s): Michael Howard - Steven Lipner
Publication date: 15/06/2006
Edition: 1st edition
Number of pages: 330
Format: 19 x 23
Weight: 740
Interior: Black and white
EAN13: 9780735622142
ISBN13: 978-0-7356-2214-2
