MSF-Agile plus Security Development Lifecycle Process Template for TFS 2008


MSF-A+SDL is a TFS process template that incorporates the Security Development Lifecycle (SDL) for Agile process guidance into the MSF Agile development framework.  With the MSF-A+SDL template, any code checked into the Visual Studio Team System source repository by the developer is analyzed to ensure that it complies with SDL secure development practices. The template also automatically creates security workflow tracking items for manual SDL processes such as threat modeling to ensure that these important security activities are not accidentally skipped or forgotten.

Microsoft makes its basic SDL training content available to the public. This content consists of 4 training presentations.

  • Introduction to the Microsoft Security Development Lifecycle (SDL)
  • Introduction to Microsoft Threat Modeling
  • Basics of Secure Design, Development, and Test
  • Privacy for Software Development

Microsoft will be making a TFS 2010 version of the MSF-A+SDL template available shortly after TFS 2010 releases according to this post by Brian Harry.

About wesmacdonald

Wes MacDonald is a Visual Studio ALM MVP, PSD, MCT and a Principal Consultant for LIKE 10 INC., a SharePoint Server, Visual Studio and Team Foundation Server Consulting Firm providing premium support and guidance services.

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: