Security Market Segment LS
Wednesday, 26 May 2010 09:29

New Visual Studio 2010 template released


Microsoft today released a new version of its MSF Agile + SDL Process (MSF-A+SDL) template that is compatible with Visual Studio 2010.

The MSF-A+SDL template was originally released in February as a beta for Visual Studio 2008. It is designed to help developers  apply the Security Development Lifecycle guidance to the Microsoft Solutions Framework for Agile development framework. A version for Visual Studio 2010 was released today.


The template checks that code complies with SDL practices before allowing it to be checked into a Visual Studio Team System repository, and creates appropriate security workflow tracking items for manual processes such as treat modelling.

For example, the template generates different workflow items depending on whether the developer checks in C++ or .NET code. And when a developer creates a new sprint, new work items are created.

It also helps integration with other tools including Microsoft's SDL Threat Modeling Tool, the Binscope binary analyser and the MiniFuzz file fuzzer, simplifying the task of recording which tools are uncovering the most bugs.

Another feature of the template is the provision of a 'scope' field that makes it easier for the developer to describe the importance of the issue. It is used in conjunction with the 'bug bar rating' to help determine which issues must be fixed before release, explained Bryan Sullivan, senior security program manager at Microsoft.

Microsoft offers a separate template for organisations using CMMI rather than Agile.

Stephen Withers travelled to Seattle as a guest of Microsoft.

Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.


WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News