Jeremy Dallman here to tell you about some new security guidance papers we are releasing today.
“My company was just attacked by something called SQL Injection! I have no idea what that is, or what I should do next! Where do I start?” Unfortunately, this is a frequent scenario for many developers and IT Pros who have just discovered their systems, websites or applications have been compromised.
We’ve spoken to a number of people in the IT community who equate this to being tossed a parachute and thrown out of a plane into free-fall with no idea what to do next. These folks know the parachute will help them, but need a quick and easy way to find the D-Ring.
Today we are releasing the first of a new type of security guidance paper. We are calling them “Quick Security References” (QSRs).
----------------------------------
SDL Quick Security References
http://www.microsoft.com/downloads/details.aspx?FamilyID=79042476-951f-48d0-8ebb-89f26cf8979d&displaylang=en
With the SDL Quick Security References (QSR), the Security Development Lifecycle (SDL) team introduces a series of basic guidance papers designed to address common vulnerabilities from the perspective of multiple business roles - business decision maker, architect, developer, and tester/QA. These papers will help you address a critical business problem now while moving you toward SDL adoption in the future.
----------------------------------
At this point, only two SDL QSRs have been released - XSS and SQLi.
But both should be extremely helpful.