Tag Archives: Security Modeling

SCADA/Smart-Grid Vendor Adopts Microsoft’s Secure Software Development Program

Source: Dark Reading by Kelly Jackson Higgins
In this article: “Microsoft today added two new recruits to its Secure Development Lifecycle (SDL) — a SCADA and smart-grid supplier and the government of India. The software giant named the latest adopters of its process for writing secure applications today at its first-ever Security Development Conference in Washington, D.C. The announcement follows that…

Microsoft Security Development Lifecycle

Source: Microsoft
Introduction: The purpose of this paper is to illustrate the core concepts of the Microsoft Security Development Lifecycle (SDL) and to discuss the individual security activities that should be performed in order to claim compliance with the SDL process. This paper presents: A brief overview of the Microsoft SDL. An overview of the Microsoft SDL Optimization…

Comprehensive, Lightweight Application Security Process (CLASP)

Source: OWASP
CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible. CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It…

A Guide to Building Secure Web Applications and Web Services

Source: OWASP
We have re-written Guide from the ground up, dealing with all forms of web application security issues, from old hoary chestnuts such as SQL injection, through modern concerns such as phishing, credit card handling, session fixation, cross-site request forgeries, and compliance and privacy issues. In Guide 2.0, you will find details on securing most forms of…