Microsoft Releases Security Guidelines for Agile by PC World: Yahoo! Tech

Site Navigation

Today In Tech > Who will trade old discs for new?

<< See all Yahoo! Tech News

Microsoft Releases Security Guidelines for Agile

By Jeremy Kirk, IDG News Service - Mon Nov 9, 2009 3:20AM EST
Add articles about technology to your My Yahoo!

See More News at PC World

Recent Tech News Stories

Tech gadgets under $50 that are sure to delight
Dallas Morning News Friday 20th November, 11:59:19 AM
Wolverton: Suggestions for a tech-happy holidays
Contra Costa Times Monday 23rd November, 05:21:50 AM
Several local retailers offer e-cycling opportunities
Lowell Sun Monday 23rd November, 04:11:16 AM

Recent Articles About Technology

Microsoft will release on Tuesday guidelines for developers building online applications and for those utilizing the Agile code-development process.

The Agile guidelines apply principles from Microsoft's Security Development Lifecycle (SDL) to Agile, an umbrella term for a development model frequently used for Web-based applications released under short deadlines, called "sprints."

Microsoft adopted the SDL following the company's pledge in 2002 to build more secure code after several high-profile worms and other malicious software posed dangerous risks to its customers.

But the original SDL doesn't fit the Agile process. Agile differs in that developers have a set time in which to develop certain features, after which the application is immediately released in order to get customer feedback, said Bryan Sullivan, security program manager for Microsoft.

The SDL was originally designed for products, such as the Windows OS, that are non-iterative, meaning that there aren't frequent releases of the product that add just a feature or two. However, all of the SDL requirements have been adopted for the Agile process, but implemented differently, Sullivan said. Agile is used by 85 percent of technology industry professionals, according to Forrester.

Microsoft breaks the SDL down into three requirements: one-time only tasks, those that need to be done for every sprint, and finally "bucket" tasks, which need to be repeated periodically -- such as every six months -- but not for every sprint, Sullivan said. The Agile guidelines will be available on Tuesday on www.microsoft.com.

Microsoft is also releasing a white paper on security for online Web applications. As those applications are increasingly interacting and exchanging information, security is paramount, said Steve Lipner, senior director of security engineering at Microsoft's Trustworthy Computing Group.

The white paper outlines key security issues that developers should consider for Web applications, Lipner said. It also discusses security issues that developers should think about when choosing a hosting provider, such as data and physical security.

Product Categories

Computers	Home Office	Wi-Fi & Networking	Phones & PDAs	Cameras & Camcorders	TV & Home Theater	Portable Audio
Upgrades Desktops Laptops Software Storage	Scanners Monitors Printers	Home Networking	PDAs Cell Phones	Camcorders Digital Cameras	Home Audio & Speakers Home Video Televisions Games & Gear	MP3 Players Car Tech

Today On...

Upgrades

Download Internet Explorer 8

Get the new Internet Explorer 8 optimized for Yahoo!. Read More

Yahoo! Search

Play full songs for free

Search for music artists and listen to full songs right on the search page. Read More

My Tech

Please enable your browser's cookies to activate the My Tech column.

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.