Home Library Learn Samples Downloads Support Community Forums
Microsoft Developer Network >
Microsoft Security Development Lifecycle (SDL) - Tools

This forum has been locked and set to read only mode.Microsoft Security Development Lifecycle (SDL) - Tools

A forum for discussing how to create more secure applications using SDL Tools This forum has been retired. For all SDL Questions, please use the Microsoft Security Development Lifecycle (SDL) forum. 

Announcements

  • Link

    Workaround for MSF-Agile+SDL v5.0 install error

    Tuesday, August 03, 2010 9:59 PM

    Hi everyone,

    We've talked with some people experiencing problems when trying to install the MSF-Agile+SDL v5.0 process template. We believe these problems are a result of an incompatibility with certain configurations of Sharepoint, and we are working to correct the issue for the next release of the MSF-Agile+SDL template. In the meantime, you should be able to work around the problem by following these instructions to disable the Sharepoint features of the template:

    1. Uninstall the template if you've already installed it.
    2. Reinstall the template files, and uncheck the Additional Sharepoint Components feature during the installation process.
    3. Using your XML editor of choice, open the file <template install dir>\Process Template\Windows SharePoint Services\wsstasks.xml.
    4. Near the bottom of the file, you will see the lines:

    <!--TfsDashboardSDLAgile -->

    <feature featureId="3F6F501A-5DFF-4359-8ED8-232784DFF47E" />

    5. Comment out the second line, ie:

    <!--TfsDashboardSDLAgile -->

    <!-- <feature featureId="3F6F501A-5DFF-4359-8ED8-232784DFF47E" /> -->

    6. Save the file and close

    7. Open the Process Template Manager in Visual Studio

    8. Delete the existing "MSF for Agile Software Development plus Security Development Lifecycle (SDL) v5.0" process template.

    9. Upload the process template again, browse for <template install dir>\Process Template\process template.xml.

    10. Close the Process Template Manager.

    You should now be able to create MSF-A+SDL projects. If you're experiencing the install bug, please let us know if this helps workaround the problem (or if it doesn't).

    Thanks,

    Bryan

  • Link

    Attend the upcoming MSDN Webcast "Using the Attack Surface Analyzer" on April 7, 2011

    Thursday, March 03, 2011 6:17 PM

    The recently released Attack Surface Analyzer tool helps developers review attack surface during the verification phase of the SDL. Additionally, Attack Surface Analyzer allows IT professionals to identify security changes as the result of installing applications on the Windows platform. By taking snapshots before and after an application is installed, Attack Surface Analyzer highlights weaknesses and security misconfigurations as issues and generates an Attack Surface report listing changes to securable objects and the computers attack surface.

     

    This webcast will walk you through how to run Attack Surface Analyzer and how to do basic analysis of the generated report.

    To register for the webcast, click here: https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032480502&Culture=en-US

     

    To download Attack Surface Analyzer, click here: http://go.microsoft.com/?linkid=9758398

Filtering and SortingUse these options to narrow down the question and discussion list.

 
 
RepliesViews
 
 
© 2013 Microsoft. All rights reserved.