MSF-Agile plus Security Development Lifecycle Process Template for TFS 2008

MSF-A+SDL is a TFS process template that incorporates the Security Development Lifecycle (SDL) for Agile process guidance into the MSF Agile development framework.  With the MSF-A+SDL template, any code checked into the Visual Studio Team System source repository by the developer is analyzed to ensure that it complies with SDL secure development practices. The template also automatically creates security workflow tracking items for manual SDL processes such as threat modeling to ensure that these important security activities are not accidentally skipped or forgotten.

Microsoft makes its basic SDL training content available to the public. This content consists of 4 training presentations.

  • Introduction to the Microsoft Security Development Lifecycle (SDL)
  • Introduction to Microsoft Threat Modeling
  • Basics of Secure Design, Development, and Test
  • Privacy for Software Development

Microsoft will be making a TFS 2010 version of the MSF-A+SDL template available shortly after TFS 2010 releases according to this post by Brian Harry.

About Wes MacDonald

Wes MacDonald is a DevOps Consultant for LIKE 10 INC., a DevOps consulting firm providing premium support, guidance and services for Azure, Microsoft 365 and Azure DevOps.

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: