The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software (Developer Best Practices)

3.83 · 42 Ratings · 4 Reviews
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stag ...more
Paperback, 352 pages
Published June 28th 2006 by Microsoft Press (first published June 7th 2006)

Community Reviews

Alex Ott
A very useful book on organizing the security-related development process. Although it sometimes mentions Microsoft technologies, most of the time the authors discuss generic security-related issues, processes, etc.
The book covers a wide area of topics and would be very useful for sr. engineers, development managers, etc.
Gishu Pillai
Jun 20, 2017 rated it liked it
Liked the chapters on STRIDE, secure design principles + threat modeling.

Like the title says, it is a lifecycle doc - checklists + phases. Not sure how well this translates to something that isn't done via waterfall. The process is heavy to do frequently.
Justin Liew
Sep 09, 2014 rated it liked it
This is a slightly out of date book, but is a good starting point for projects wanting to incorporate better security into their development life cycle.
Elaine Leow
rated it it was amazing
May 06, 2017
Michael
rated it liked it
Aug 20, 2015
Raman Sharma
rated it really liked it
Apr 02, 2013
Rido
rated it really liked it
Jan 12, 2015
Costel
rated it really liked it
Sep 14, 2012
Dean
rated it liked it
Aug 28, 2012
Igor
rated it really liked it
Oct 04, 2017
Erik
rated it it was amazing
Jan 09, 2017
Alin
rated it it was amazing
May 21, 2018
JD
May 24, 2007 rated it it was amazing
The way forward.
William Lanchester
rated it it was amazing
May 07, 2017
Ian
rated it it was ok
Mar 09, 2013
Murphy Moreno
rated it liked it
Aug 06, 2013
Karthik
rated it really liked it
Jun 02, 2015
Peter Jansson
rated it liked it
Feb 12, 2018
Daniel Koller
rated it did not like it
Apr 18, 2017
Abhi
rated it it was amazing
Mar 16, 2015
David
rated it liked it
Dec 27, 2013
Jonathan Creekmore
rated it really liked it
Oct 18, 2014
Cristián Rojas
rated it really liked it
Jan 05, 2013
Sergey Shishkin
rated it really liked it
Sep 30, 2011
Sergey
rated it liked it
Mar 06, 2013
Ryan Permeh
rated it really liked it
Jun 24, 2014
Dennis Furlaneto
rated it liked it
Sep 22, 2013
Laksh
rated it it was amazing
Mar 24, 2017
Steven Maestas
rated it it was amazing
Jun 06, 2013
j monty
rated it liked it
Apr 13, 2007
Michael Howard: software security expert from Microsoft