Microsoft made available Quick Security Reference — “designed to provide the information necessary to quickly understand and address specific security threats from the perspectives of four IT-focused job roles (business decision makers, architect/program manager, developer, and tester),” revealed. QSRs will also help establish security practices and provide a framework for addressing future incidents. For those familiar with the SDL Optimization Model, the guidance contained in a QSR is targeted at organizations that fall into the “Basic” level of organizational maturity. With QSR, the Security Development Lifecycle (SDL) team introduces a series of basic guidance papers designed to address common vulnerabilities from the perspective of multiple business roles – business decision maker, architect, developer, and tester/QA. These papers’ll help you address a critical business problem now while moving you toward SDL adoption in the future.
Download: SDL Quick Security References