The Microsoft SDL – Developer Starter Kit offers content, labs, and training to help you establish a standardized approach to rolling out the Microsoft Security Development Lifecycle (SDL) in your organization—or enrich your existing development practices.
This Kit provides a compliation of baseline developer security training materials on the following core Microsoft Security Development Lifecycle (SDL) topics:
a) secure design principles;
b) secure implementation principles;
c) secure verification principles;
d) SQL injection;
e) cross-site scripting;
f) code analysis;
g)banned application programming interfaces (APIs);
h) buffer overflows;
i) source code annotation language;
j) security code review;
k) compiler defenses;
l) fuzz testing;
m) Microsoft SDL threat modeling principles; and
n) the Microsoft SDL threat modeling tool. Each set of guidance contains Microsoft Office PowerPoint slides, speaker notes, train-the-trainer audio files, and sample comprehension questions.
All materials have limited formatting so that you can leverage the content to achieve broader, enhanced adoption of Microsoft SDL principles in your development organization.
Download the Starter Kit Here
- The Trustworthy Computing Security Development Lifecycle – http://msdn.microsoft.com/en-us/library/ms995349.aspx
- SDL Home – http://msdn.microsoft.com/hi-in/security/cc448177.aspx
- SDL Blog – http://blogs.msdn.com/sdl/
- Security Forums – http://social.msdn.microsoft.com/forums/en-US/sqlsecurity/threads/