• Home

  • Documents

  • Microsoft Security Development Lifecycle (SDL)...
1
The “Perfect Storm” SDL Ramp Up Setting a New Bar Collaboration TwC Next 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012~ 2000 2001 Microsoft Security Development Lifecycle (SDL) Evolution TwC Next: Marking a Milestone. Continuing Our Commitment. | Trustworthy Computing www.microsoft.com/sdl Source: *Gartner Research Press Release, January 26, 2011, Gartner Says Worldwide Mobile Application Store Revenue Forecast to Surpass $15 Billion in 2011 http://www.gartner.com/it/page.jsp?id=1529214 The Microsoft SDL is the industry-leading software security assurance process. A Microsoft wide initiative and mandatory policy since 2004, the Microsoft Security Development Lifecycle (SDL) has played a critical role in improving the security and privacy of Microsoft software and services with the goal of reducing customer risk. Combining a holistic and practical approach, the Microsoft SDL embeds security and privacy throughout the development process. We believe that by freely sharing the SDL resources, tools, and collaborating with the industry on secure application development, together we can help build safer more trusted computing experiences for everyone. Growth of Home PCs Rise of Malicious Software Increasing Privacy Concerns Internet Use Expansion Bill Gates’ TwC Memo Microsoft Security Push Microsoft SDL Launched SDL Becomes Mandatory Policy at Microsoft Windows XP SP2 and Windows Server 2003 Launched with Security Emphasis Windows Vista and Office 2007 Fully Integrate the SDL SDL Released to Public Data Execution Prevention (DEP) & Address Space Layout Randomization (ASLR) Introduced as Features Threat Modeling Tool Launches Microsoft joins SAFECode Microsoft Establishes SDL Pro Network Defense Information Systems Agency (DISA) & National Institution Standards and Technology (NIST) Specify Practices Featured in the SDL Microsoft Collaborates with Adobe and Cisco on SDL Practices MidAmerican Energy Adopts SDL Practices SDL Released Under the Creative Commons License Additional resources dedicated to address projected growth in Mobile app downloads* Industrywide Acceptance of Practices Aligned with SDL Adaptation of SDL to New Technologies and Changes in the Threat Landscape Increased Industry Resources to Enable Global Secure Development Adoption

Microsoft Security Development Lifecycle (SDL) Evolutiondownload.microsoft.com/.../SDL_Timeline_Infographic.pdfThe “Perfect Storm” SDL Ramp Up Setting a New Bar Collaboration TwC

  • Upload
    others

  • View
    9

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Microsoft Security Development Lifecycle (SDL) Evolutiondownload.microsoft.com/.../SDL_Timeline_Infographic.pdfThe “Perfect Storm” SDL Ramp Up Setting a New Bar Collaboration TwC

The “Perfect Storm” SDL Ramp Up Setting a New Bar Collaboration TwC Next

2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012~2000 2001

Microsoft Security Development Lifecycle (SDL) EvolutionTwC Next: Marking a Milestone. Continuing Our Commitment.

| Trustworthy Computing www.microsoft.com/sdlSource: *Gartner Research Press Release, January 26, 2011, Gartner Says Worldwide Mobile Application

Store Revenue Forecast to Surpass $15 Billion in 2011http://www.gartner.com/it/page.jsp?id=1529214

The Microsoft SDL is the industry-leading software security assurance process. A Microsoft wide initiative and mandatory policy since 2004, the Microsoft Security Development Lifecycle (SDL) has played a critical role in improving the security and privacy of Microsoft software and services with the goal of reducing customer risk. Combining a holistic

and practical approach, the Microsoft SDL embeds security and privacy throughout the development process. We believe that by freely sharing the SDL resources, tools, and collaborating with the industry on secure application development, together we can help build safer more trusted computing experiences for everyone.

Growth of Home PCs

Rise of Malicious Software

Increasing Privacy Concerns

Internet Use Expansion

Bill Gates’ TwC Memo

Microsoft Security Push

Microsoft SDL Launched

SDL Becomes Mandatory Policy at Microsoft

Windows XP SP2 and Windows Server 2003 Launched with Security Emphasis

Windows Vista and Office 2007 Fully Integrate the SDL

SDL Released to Public

Data Execution Prevention (DEP) & Address Space Layout Randomization (ASLR) Introduced as Features

Threat Modeling Tool Launches

Microsoft joins SAFECodeMicrosoft Establishes SDL Pro NetworkDefense Information Systems Agency (DISA) & National Institution Standards and Technology (NIST) Specify Practices Featured in the SDLMicrosoft Collaborates with Adobe and Cisco on SDL PracticesMidAmerican Energy Adopts SDL Practices

SDL Released Under the Creative Commons License

Additional resources dedicated to address projected growth in Mobile app downloads*

Industrywide Acceptance of Practices Aligned with SDL

Adaptation of SDL to New Technologies and Changes in the Threat Landscape

Increased Industry Resources to Enable Global Secure Development Adoption

Twc 400 presentation1

Twc 400 presentation1

Documents
TWC Booklet

TWC Booklet

Documents
TWC Proj1 Presentation4

TWC Proj1 Presentation4

Business
Twc cog sensing_2010

Twc cog sensing_2010

Documents
TWC VOL002

TWC VOL002

Documents
Introduction to SDL - National Chiao Tung Universityshannon.cm.nctu.edu.tw/netexp/sdl.pdfIntroduction to SDL SDL : 2 Network Experiment ... • SDL (Specification and Description Language)

Introduction to SDL - National Chiao Tung Universityshannon.cm.nctu.edu.tw/netexp/sdl.pdfIntroduction to SDL SDL : 2 Network Experiment ... • SDL (Specification and Description Language)

Documents
SDL Journals.pdf · 2015. 1. 21. · SDL

SDL Journals.pdf · 2015. 1. 21. · SDL

Documents
I. GENERAL TWC QUESTIONS 5 · 2020. 6. 29. · 5 Table of Contents I. General TWC Questions Contacting TWC AEL Staff 1. Q) How do I contact TWC AEL? (3/20/20) A) TWC AEL and BAEL

I. GENERAL TWC QUESTIONS 5 · 2020. 6. 29. · 5 Table of Contents I. General TWC Questions Contacting TWC AEL Staff 1. Q) How do I contact TWC AEL? (3/20/20) A) TWC AEL and BAEL

Documents
SDL Trados Studio 2017, Jocelyn He (SDL)

SDL Trados Studio 2017, Jocelyn He (SDL)

Presentations & Public Speaking
twc file update

twc file update

Documents
Power yoga TWC

Power yoga TWC

Documents
SDL Trados 2007 Installation Guide - SDL - Global Customer

SDL Trados 2007 Installation Guide - SDL - Global Customer

Documents
TWC Presentation

TWC Presentation

Documents
Introducing SDL Trados Studio 2015 & SDL MultiTerm 2015

Introducing SDL Trados Studio 2015 & SDL MultiTerm 2015

Software
Twc Final Presentation

Twc Final Presentation

Technology
Twc 490 capstone

Twc 490 capstone

Documents
TWC All Lowres

TWC All Lowres

Documents
Twc Presentation1

Twc Presentation1

Education
Twc Pmeeds Report

Twc Pmeeds Report

Documents
TWC Portfolio

TWC Portfolio

Documents
TWC Brochure

TWC Brochure

Documents
TWC Staff Tree

TWC Staff Tree

Documents
SDL Trados 2007 Installation Guidedownloadcentre.sdl.com/T2007/Suite/Installation_en_client.pdf · SDL TRADOS 2007 INSTALLATION GUIDE 1 ... \Program Files\SDL International\SDL

SDL Trados 2007 Installation Guidedownloadcentre.sdl.com/T2007/Suite/Installation_en_client.pdf · SDL TRADOS 2007 INSTALLATION GUIDE 1 ... \Program Files\SDL International\SDL

Documents
TWC Yearbook 2009

TWC Yearbook 2009

Documents
TWC Proj2 Presentation3

TWC Proj2 Presentation3

Health & Medicine
TWC Appeals

TWC Appeals

Documents
Annual 2015 twc

Annual 2015 twc

Documents
TWC Advising Guide

TWC Advising Guide

Documents
TWC Mobile Brochure

TWC Mobile Brochure

Documents
Pharmacy Daily for Wed 04 Sep 2013 - Compliance to ramp up, Call for Vitamin IP recognition, TWC hearing tests, Health

Pharmacy Daily for Wed 04 Sep 2013 - Compliance to ramp up, Call for Vitamin IP recognition, TWC hearing tests, Health

Documents