Popular Topics

Topics

About

Policies

Our Network

More

Paul Krill
by
Editor at Large

Microsoft boosts access to secure development guidelines

news
Aug 26, 20102 mins

Company hopes more developers will take up SDL best practices with move to Creative Commons license

Looking to broaden access to its security practices for software development, Microsoft plans to shift the licensing for its Security Development Lifecycle (SDL) documentation to the more accessible Creative Commons License, the company said on Thursday.

SDL is Microsoft’s blueprint for incorporating security into applications. It has been available under an exclusive Microsoft license.

“With this more flexible copyright model, developers can now copy, distribute, and transmit SDL documentation to others in the industry, which they were unable to do before. Microsoft hopes this more open licensing will encourage developers to build upon the SDL and incorporate security and privacy throughout software development lifecycle,” said David Ladd, Microsoft principal security program, in an email.

The Microsoft license has required express, written consent from Microsoft to share, copy, or transmit SDL content or processes. Based on feedback from several organizations, Microsoft found that honoring the license prevented embedding of elements of the SDL process and guidance in internal secure development process documents. This made it harder to adopt SDL, Microsoft said. The Creative Commons license offers more favorable licensing terms, Microsoft said.

During the next few weeks, English versions of the company’s “Simplified Implementation of the Microsoft SDL” and “Microsoft Security Development Lifecycle (SDL) – Version 5.0” documentation will undergo license conversion. Other SDL content will be analyzed and relicensed as appropriate, Microsoft said. The company’s SDL tools, however, will remain under the standard Microsoft license.

“It will take time for Microsoft to relicense other SDL documentation, but the company will keep developers up to date on its progress,” Ladd said.

This article, “Microsoft boosts access to secure development guidelines,” was originally published at InfoWorld.com. Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter.

Software DevelopmentSecurity
Paul Krill
by
Editor at Large

Paul Krill is editor at large at InfoWorld. Paul has been covering computer technology as a news and feature reporter for more than 35 years, including 30 years at InfoWorld. He has specialized in coverage of software development tools and technologies since the 1990s, and he continues to lead InfoWorld’s news coverage of software development platforms including Java and .NET and programming languages including JavaScript, TypeScript, PHP, Python, Ruby, Rust, and Go. Long trusted as a reporter who prioritizes accuracy, integrity, and the best interests of readers, Paul is sought out by technology companies and industry organizations who want to reach InfoWorld’s audience of software developers and other information technology professionals. Paul has won a “Best Technology News Coverage” award from IDG.

More from this author

Show me more

news

Final training of AI models is a fraction of their total cost

By Maxwell Cooter
2 mins
Artificial Intelligence
Image
news

Anthropic throttles Claude subscriptions to meet capacity

By Anirban Ghoshal
5 mins
Artificial Intelligence
Image
analysis

Edge clouds and local data centers reshape IT

By David Linthicum
8 mins
Cloud ArchitectureData ArchitectureHybrid Cloud
Image
video

How to run your own little local Claude Code (sort of!)

7 mins
Python
Image
video

How to build desktop apps in Typescript with Electrobun

5 mins
Python
Image
video

Write and run assembly in Python with Copapy

5 mins
Python
Image