Microsoft SDL - Version 4.1a
Transcript of Microsoft SDL - Version 4.1a
-
8/14/2019 Microsoft SDL - Version 4.1a
1/128
http://www.microsoft.com/sdl -
8/14/2019 Microsoft SDL - Version 4.1a
2/128
-
8/14/2019 Microsoft SDL - Version 4.1a
3/128
http://msdn.microsoft.com/en-us/library/84aed186-1d75-4366-8e61-8d258746bopq.aspxhttp://www.microsoft.com/sdl -
8/14/2019 Microsoft SDL - Version 4.1a
4/128
-
8/14/2019 Microsoft SDL - Version 4.1a
5/128
-
8/14/2019 Microsoft SDL - Version 4.1a
6/128
-
8/14/2019 Microsoft SDL - Version 4.1a
7/128
-
8/14/2019 Microsoft SDL - Version 4.1a
8/128
-
8/14/2019 Microsoft SDL - Version 4.1a
9/128
-
8/14/2019 Microsoft SDL - Version 4.1a
10/128
-
8/14/2019 Microsoft SDL - Version 4.1a
11/128
-
8/14/2019 Microsoft SDL - Version 4.1a
12/128
-
8/14/2019 Microsoft SDL - Version 4.1a
13/128
-
8/14/2019 Microsoft SDL - Version 4.1a
14/128
-
8/14/2019 Microsoft SDL - Version 4.1a
15/128
http://www.microsoft.com/learning/en/us/Books/5957.aspxhttp://msdn.microsoft.com/msdnmag/issues/06/11/ThreatModeling/http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.awprofessional.com/bookstore/product.asp?isbn=0321224094&rl=1http://web.mit.edu/Saltzer/www/publications/protection/ -
8/14/2019 Microsoft SDL - Version 4.1a
16/128
http://en.wikipedia.org/wiki/Bell-LaPadula_Modelhttp://en.wikipedia.org/wiki/Biba_model -
8/14/2019 Microsoft SDL - Version 4.1a
17/128
-
8/14/2019 Microsoft SDL - Version 4.1a
18/128
http://www.microsoft.com/learning/en/us/Books/8753.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
19/128
http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=en -
8/14/2019 Microsoft SDL - Version 4.1a
20/128
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/aptcatypes.asphttp://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/aptcatypes.asphttp://www.microsoft.com/downloads/details.aspx?familyid=3389F7E4-0E55-4A4D-BC74-4AEABB17997B&displaylang=en -
8/14/2019 Microsoft SDL - Version 4.1a
21/128
http://msdn.microsoft.com/en-us/library/bb736286(VS.85).aspxhttp://msdn.microsoft.com/en-us/security/cc420639.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
22/128
http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://msdn2.microsoft.com/en-us/library/ms972812.aspxhttp://msdn2.microsoft.com/en-us/library/ms972812.aspxhttp://www.cs.cmu.edu/afs/cs/project/svc/projects/security/wadis1.pdf -
8/14/2019 Microsoft SDL - Version 4.1a
23/128
http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=3389F7E4-0E55-4A4D-BC74-4AEABB17997B&displaylang=enhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/learning/en/us/Books/5957.aspxhttp://msdn2.microsoft.com/en-us/library/ms972812.aspxhttp://www.cs.cmu.edu/~wing/publications/Howard-Wing03.pdf -
8/14/2019 Microsoft SDL - Version 4.1a
24/128
-
8/14/2019 Microsoft SDL - Version 4.1a
25/128
http://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://msdn.microsoft.com/msdnmag/issues/06/11/ThreatModeling/default.aspxhttp://msdn.microsoft.com/en-us/security/dd206731.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
26/128
http://msdn2.microsoft.com/en-us/library/ms972812.aspxhttp://www.cs.cmu.edu/~wing/publications/Howard-Wing03.pdf -
8/14/2019 Microsoft SDL - Version 4.1a
27/128
http://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/sgch00.mspx -
8/14/2019 Microsoft SDL - Version 4.1a
28/128
-
8/14/2019 Microsoft SDL - Version 4.1a
29/128
http://www.microsoft.com/learning/en/us/Books/5957.aspxhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/learning/en/us/Books/5957.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
30/128
http://msdn2.microsoft.com/en-us/library/ms737408.aspxhttp://msdn2.microsoft.com/en-us/library/ms737408.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
31/128
http://blogs.msdn.com/sdl/archive/2008/10/22/good-hygiene-and-banned-apis.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
32/128
http://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://msdn2.microsoft.com/en-us/library/aa290051(VS.71).aspxhttp://msdn2.microsoft.com/en-us/library/ms235402(VS.80).aspx -
8/14/2019 Microsoft SDL - Version 4.1a
33/128
http://www.microsoft.com/learning/en/us/Books/5957.aspxhttp://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.microsoft.com/downloads/details.aspx?FamilyID=c4a25ab9-649d-4a1b-b4a7-c9d8b095df18&DisplayLang=en -
8/14/2019 Microsoft SDL - Version 4.1a
34/128
http://msdn2.microsoft.com/en-gb/library/ms792872.aspxhttp://msdn2.microsoft.com/en-gb/library/ms792582.aspxhttp://msdn.microsoft.com/en-us/library/ms691379(VS.85).aspxhttp://msdn.microsoft.com/en-us/library/ms682521(VS.85).aspxhttp://msdn.microsoft.com/en-us/library/ms682521(VS.85).aspx -
8/14/2019 Microsoft SDL - Version 4.1a
35/128
http://technet.microsoft.com/en-us/library/bb457063.aspxhttp://technet.microsoft.com/en-us/library/bb457063.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
36/128
-
8/14/2019 Microsoft SDL - Version 4.1a
37/128
-
8/14/2019 Microsoft SDL - Version 4.1a
38/128
http://www.microsoft.com/learning/en/us/Books/8753.aspxhttp://www.amazon.com/How-Break-Software-Practical-Testing/dp/0201796198/ref=pd_bxgy_b_text_b/103-1123225-5429458http://www.amazon.com/Break-Software-Security-James-Whittaker/dp/0321194330/ref=pd_bxgy_b_text_c -
8/14/2019 Microsoft SDL - Version 4.1a
39/128
http://www.microsoft.com/learning/en/us/Books/5957.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
40/128
-
8/14/2019 Microsoft SDL - Version 4.1a
41/128
http://www.microsoft.com/learning/en/us/Books/8753.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
42/128
http://www.microsoft.com/learning/en/us/Books/8753.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
43/128
http://www.microsoft.com/learning/en/us/Books/8753.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
44/128
-
8/14/2019 Microsoft SDL - Version 4.1a
45/128
-
8/14/2019 Microsoft SDL - Version 4.1a
46/128
http://www.microsoft.com/learning/en/us/Books/8753.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
47/128
-
8/14/2019 Microsoft SDL - Version 4.1a
48/128
-
8/14/2019 Microsoft SDL - Version 4.1a
49/128
-
8/14/2019 Microsoft SDL - Version 4.1a
50/128
-
8/14/2019 Microsoft SDL - Version 4.1a
51/128
-
8/14/2019 Microsoft SDL - Version 4.1a
52/128
-
8/14/2019 Microsoft SDL - Version 4.1a
53/128
http://msdn.microsoft.com/en-us/security/dd206731.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
54/128
-
8/14/2019 Microsoft SDL - Version 4.1a
55/128
-
8/14/2019 Microsoft SDL - Version 4.1a
56/128
http://www.microsoft.com/learning/en/us/book.aspx?ID=8753&locale=en-us -
8/14/2019 Microsoft SDL - Version 4.1a
57/128
http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0072260858 -
8/14/2019 Microsoft SDL - Version 4.1a
58/128
http://searchsoftwarequality.techtarget.com/sDefinition/0,,sid92_gci211585,00.htmlhttp://searchcio.techtarget.com/sDefinition/0,,sid182_gci214546,00.html -
8/14/2019 Microsoft SDL - Version 4.1a
59/128
http://msinfosec.com/http://msdn.microsoft.com/en-us/library/fkytk30f(VS.71).aspxhttp://channel9.msdn.com/Wiki/SecurityWiki/TestCasesSQLInject/ -
8/14/2019 Microsoft SDL - Version 4.1a
60/128
http://technet.microsoft.com/en-us/library/cc163143.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
61/128
-
8/14/2019 Microsoft SDL - Version 4.1a
62/128
-
8/14/2019 Microsoft SDL - Version 4.1a
63/128
http://msdn.microsoft.com/en-us/security/aa570413.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
64/128
http://msdn.microsoft.com/en-us/security/dd206731.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
65/128
http://msdn.microsoft.com/en-us/security/aa570413.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
66/128
http://msdn.microsoft.com/en-us/library/aa302421.aspxhttp://msdn.microsoft.com/en-us/library/ms998392.aspxhttp://msdn.microsoft.com/en-us/library/ms998364.aspxhttp://msdn.microsoft.com/en-us/library/ms998364.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
67/128
http://msinfosec.com/http://msinfosec.com/http://msdn.microsoft.com/en-us/library/bb429476(VS.80).aspxhttp://support.microsoft.com/kb/954476http://msdn.microsoft.com/en-au/library/aa302335.aspxhttp://msdn.microsoft.com/en-us/library/ms998364.aspxhttp://msinfosec.com/http://msinfosec.com/http://support.microsoft.com/kb/954476 -
8/14/2019 Microsoft SDL - Version 4.1a
68/128
-
8/14/2019 Microsoft SDL - Version 4.1a
69/128
http://msdn.microsoft.com/en-us/library/ms998378.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
70/128
-
8/14/2019 Microsoft SDL - Version 4.1a
71/128
-
8/14/2019 Microsoft SDL - Version 4.1a
72/128
-
8/14/2019 Microsoft SDL - Version 4.1a
73/128
-
8/14/2019 Microsoft SDL - Version 4.1a
74/128
http://technet.microsoft.com/en-us/security/cc184924.aspxhttp://technet.microsoft.com/en-us/library/cc506047.aspxhttp://technet.microsoft.com/en-us/library/cc531019.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
75/128
http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=en -
8/14/2019 Microsoft SDL - Version 4.1a
76/128
-
8/14/2019 Microsoft SDL - Version 4.1a
77/128
-
8/14/2019 Microsoft SDL - Version 4.1a
78/128
http://go.microsoft.com/fwlink/?LinkID=75045http://go.microsoft.com/fwlink/?LinkID=75045 -
8/14/2019 Microsoft SDL - Version 4.1a
79/128
http://go.microsoft.com/fwlink/?LinkID=75045http://go.microsoft.com/fwlink/?LinkID=75045 -
8/14/2019 Microsoft SDL - Version 4.1a
80/128
http://go.microsoft.com/fwlink/?LinkID=75045 -
8/14/2019 Microsoft SDL - Version 4.1a
81/128
-
8/14/2019 Microsoft SDL - Version 4.1a
82/128
http://www.ece.cmu.edu/~dawnsong/papers/privtrans.pdf -
8/14/2019 Microsoft SDL - Version 4.1a
83/128
-
8/14/2019 Microsoft SDL - Version 4.1a
84/128
-
8/14/2019 Microsoft SDL - Version 4.1a
85/128
-
8/14/2019 Microsoft SDL - Version 4.1a
86/128
-
8/14/2019 Microsoft SDL - Version 4.1a
87/128
-
8/14/2019 Microsoft SDL - Version 4.1a
88/128
-
8/14/2019 Microsoft SDL - Version 4.1a
89/128
-
8/14/2019 Microsoft SDL - Version 4.1a
90/128
-
8/14/2019 Microsoft SDL - Version 4.1a
91/128
http://msdn2.microsoft.com/en-us/library/aa366551.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
92/128
http://blogs.msdn.com/michael_howard/archive/2006/05/19/602077.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
93/128
-
8/14/2019 Microsoft SDL - Version 4.1a
94/128
http://blogs.msdn.com/michael_howard/archive/2006/05/19/602077.aspx -
8/14/2019 Microsoft SDL - Version 4.1a
95/128
-
8/14/2019 Microsoft SDL - Version 4.1a
96/128
-
8/14/2019 Microsoft SDL - Version 4.1a
97/128
-
8/14/2019 Microsoft SDL - Version 4.1a
98/128
-
8/14/2019 Microsoft SDL - Version 4.1a
99/128
-
8/14/2019 Microsoft SDL - Version 4.1a
100/128
-
8/14/2019 Microsoft SDL - Version 4.1a
101/128
-
8/14/2019 Microsoft SDL - Version 4.1a
102/128
http://en.wikipedia.org/wiki/Penetration_Testing -
8/14/2019 Microsoft SDL - Version 4.1a
103/128
-
8/14/2019 Microsoft SDL - Version 4.1a
104/128
-
8/14/2019 Microsoft SDL - Version 4.1a
105/128
-
8/14/2019 Microsoft SDL - Version 4.1a
106/128
-
8/14/2019 Microsoft SDL - Version 4.1a
107/128
-
8/14/2019 Microsoft SDL - Version 4.1a
108/128
-
8/14/2019 Microsoft SDL - Version 4.1a
109/128
-
8/14/2019 Microsoft SDL - Version 4.1a
110/128
-
8/14/2019 Microsoft SDL - Version 4.1a
111/128
-
8/14/2019 Microsoft SDL - Version 4.1a
112/128
-
8/14/2019 Microsoft SDL - Version 4.1a
113/128
-
8/14/2019 Microsoft SDL - Version 4.1a
114/128
-
8/14/2019 Microsoft SDL - Version 4.1a
115/128
-
8/14/2019 Microsoft SDL - Version 4.1a
116/128
-
8/14/2019 Microsoft SDL - Version 4.1a
117/128
-
8/14/2019 Microsoft SDL - Version 4.1a
118/128
-
8/14/2019 Microsoft SDL - Version 4.1a
119/128
-
8/14/2019 Microsoft SDL - Version 4.1a
120/128
http://www.microsoft.com/downloads/details.aspx?FamilyID=c48cf80f-6e87-48f5-83ec-a18d1ad2fc1f&displaylang=en -
8/14/2019 Microsoft SDL - Version 4.1a
121/128
-
8/14/2019 Microsoft SDL - Version 4.1a
122/128
-
8/14/2019 Microsoft SDL - Version 4.1a
123/128
-
8/14/2019 Microsoft SDL - Version 4.1a
124/128
-
8/14/2019 Microsoft SDL - Version 4.1a
125/128
-
8/14/2019 Microsoft SDL - Version 4.1a
126/128
-
8/14/2019 Microsoft SDL - Version 4.1a
127/128
http://msinfosec.com/ -
8/14/2019 Microsoft SDL - Version 4.1a
128/128