Menu
Microsoft boosts access to secure development guidelines

Microsoft boosts access to secure development guidelines

Company hopes more developers will take up SDL best practices with move to Creative Commons license

Looking to broaden access to its security practices for software development, Microsoft plans to shift the licensing for its Security Development Lifecycle (SDL) documentation to the more accessible Creative Commons License, the company said on Thursday.

SDL is Microsoft's blueprint for incorporating security into applications. It has been available under an exclusive Microsoft license.

[ Microsoft in June began offering SDL guidance for its Windows Azure cloud platform. | Keep up with app dev issues and trends with InfoWorld's Fatal Exception blog and Developer World newsletter. ]

"With this more flexible copyright model, developers can now copy, distribute, and transmit SDL documentation to others in the industry, which they were unable to do before. Microsoft hopes this more open licensing will encourage developers to build upon the SDL and incorporate security and privacy throughout software development lifecycle," said David Ladd, Microsoft principal security program, in an email.

The Microsoft license has required express, written consent from Microsoft to share, copy, or transmit SDL content or processes. Based on feedback from several organizations, Microsoft found that honoring the license prevented embedding of elements of the SDL process and guidance in internal secure development process documents. This made it harder to adopt SDL, Microsoft said. The Creative Commons license offers more favorable licensing terms, Microsoft said.

During the next few weeks, English versions of the company's "Simplified Implementation of the Microsoft SDL" and "Microsoft Security Development Lifecycle (SDL) - Version 5.0" documentation will undergo license conversion. Other SDL content will be analyzed and relicensed as appropriate, Microsoft said. The company's SDL tools, however, will remain under the standard Microsoft license.

"It will take time for Microsoft to relicense other SDL documentation, but the company will keep developers up to date on its progress," Ladd said.

This article, "Microsoft boosts access to secure development guidelines," was originally published at InfoWorld.com. Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter.

Read more about developer world in InfoWorld's Developer World Channel.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags application developmentDeveloper WorldMicrosoftsecuritycreative commonssoftwareSecurity Central

Featured

Slideshows

Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
EDGE 2017 - Icebreaker Sessions round 2

EDGE 2017 - Icebreaker Sessions round 2

EDGE guests experience the value of networking at the second round of Icebreaker sessions.. Photos by Maria Stefina

EDGE 2017 - Icebreaker Sessions round 2
EDGE 2017 Dinner Under the Stars

EDGE 2017 Dinner Under the Stars

EDGE's Day 2 keynote and breakout sessions were followed by the Dinner Under the Stars. Over 300 people were present to enjoy a seafood feast and lots of excitement at Hamilton Island's Bougainvillea Marquee. Photos by Maria Stefina.

EDGE 2017 Dinner Under the Stars
Show Comments