|
 |
|
|
|
|
|
|
|
|
|
|
Assess Your Security Needs
Establishing priorities based on the security maturity level of the development team is a key factor to a successful SDL implementation. To help you assess where your organization falls on the maturity continuum and to help you determine security priorities, Microsoft has created the SDL Optimization Model, a valuable framework to facilitate gradual, consistent, and cost-effective implementation of the SDL.
The SDL Optimization Model is structured around five capability areas and four maturity levels in these areas—Basic, Standardized, Advanced, and Dynamic.
The Advanced maturity level is the point where security is integrated, customer risk is controlled and where an organization can reasonably claim to follow the practices of the Microsoft SDL. The tasks and processes of the advanced level map those listed in the Simplified Implementation of the Microsoft SDL white paper.
An important component of the SDL Optimization Model is the Self-Assessment Guide. The Guide walks you through each SDL phase and poses relevant questions that will help you determine whether your organization meets the requirements for each phase.
Once you understand the level of your organization's maturity, leverage the Implementer's resource guides to create a practical vision and roadmap for gradually moving to the Advanced and Dynamic levels in each of the five software development capability areas.
|
|
 © 2012 Microsoft |
