Use basic SDL principles without the SDL template RRS feed

  • Question

  • Hello,

    We are at the beginning of a big development project and we would like to include security from the start in our development processes.

    As we don't use Team System, only Visual Studio Professional 2010, we cannot use the SDL template. How can we manually apply basic SDL principles in our development process (Scrum)?

    On the other hand, is SDL appropriate to manually apply security principles from the start?

    In brief, how to begin?

    Any feedback of suggestions are welcomed.

    • Moved by Hengzhe Li Tuesday, June 21, 2011 12:08 PM Forum Consolidate (From:Microsoft Security Development Lifecycle (SDL) - Threat Modeling)
    Monday, May 3, 2010 3:32 PM


  • Absolutely you can apply SDL without the template. You can download the manual SDL process guidance document here: http://go.microsoft.com/?linkid=9724944. This document includes the guidance specific to Agile/Scrum methodologies that you mentioned you are following.

    • Marked as answer by labate Tuesday, May 4, 2010 6:35 AM
    Monday, May 3, 2010 8:20 PM