Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Great blog post by Steven Sinofsky from the Windows division, reminding folks that Windows 8 is going to be built using the Microsoft SDL. From the blog post:
Secure by design
We use the Security Development Lifecycle (SDL) to build Windows with the best security design, development and testing practices available. Some highlights include:
- Threat modeling and security design reviews. During the design process we consider how criminals might seek to attack features and scenarios, and incorporate this analysis into our designs.
- Writing secure code. Training and code quality tools help to prevent common coding issues from entering the Windows source code.
- Penetration testing. Security engineers take an attacker’s perspective when reviewing a completed set of features that make up a scenario.
- Security code reviews. Security engineers provide additional security-oriented code reviews for highly sensitive components.
- Security tools. Tools continuously updated with the latest state of the art in finding and exploiting software provide a scalable solution to improve existing code.
Protecting you from malware - Building Windows 8 - Site Home - MSDN Blogs