Partilhar via


Appendix Q: SDL-Agile Bucket Requirements

Bucket A: Security Verification

Title Requirement/Recommendation Applies to Online Services Applies to Managed Code Applies to Native Code
Debug the application with the Application Verifier enabled Requirement X
Disable tracing and debugging in ASP.NET applications Requirement X X
Ensure regular expressions must not execute in exponential time (O(2^n)) Requirement X X X
Ensure sample code complies with appropriate SDL development practices Requirement X X X
Employ network fuzzing Requirement X X
Investigate and service any reported /GS crashes Requirement X
Perform ActiveX control fuzzing Requirement X X
Perform attack surface analysis Requirement X X X
Perform binary analysis (BinScope) Requirement X X X
Perform COM object testing Requirement X
Perform cross-domain scripting testing Requirement X X X
Perform file fuzz testing Requirement X X
Perform RPC fuzz testing Requirement X X
Conduct in-depth manual and automated code review for high-risk code Recommendation X X X
Perform data flow testing Recommendation X X X
Perform input validation testing Recommendation X X X
Perform replay testing Recommendation X X X

Bucket B: Design Review

Title Requirement/Recommendation Applies to Online Services Applies to Managed Code Applies to Native Code
Avoid cross-domain access to authenticated sites Requirement X X X
Comply with User Account Control (UAC) best practices to ensure all code runs as a non-administrator Requirement X X
Conduct a privacy review Requirement X X X
Ensure all code is compliant with the SDL Cryptographic Standards Requirement X X X
Ensure all code is compliant with the SDL Privacy Guidelines document Requirement X X X
Incorporate third-party component licensing security requirements in all new contracts Requirement X X X
Opt out of automatic MIME sniffing Requirement X X
Use strongly named assemblies, and request minimal permissions Requirement X X
Apply no-open header to user-supplied downloadable files Requirement X X X
Complete in-depth threat model training Recommendation X X X
Disable rarely used features by default, to reduce attack surface Recommendation X X X
Grant minimal privileges Recommendation X X X
Review planning and design specifications for user interface elements Recommendation X X X
Use Windows Imaging Component to process image data Recommendation X X X

Bucket C: Planning

Title Requirement/Recommendation Applies to Online Services Applies to Managed Code Applies to Native Code
Add or update privacy scenarios in the test plan Requirement X X X
Create or update the list of response contacts Requirement X X X
Define or update the privacy bug bar Requirement X X X
Define or update the security bug bar Requirement X X X
Ensure symbols are available internally for all public releases Requirement X X X
Create or update a business continuity-disaster recovery plan Recommendation X X X
Create or update a network down plan Recommendation X X X
Create or update content publishing plan Recommendation X X X
Create or update privacy support documents Recommendation X X X

Content Disclaimer

This documentation is not an exhaustive reference on the SDL process as practiced at Microsoft. Additional assurance work may be performed by product teams (but not necessarily documented) at their discretion. As a result, this example should not be considered as the exact process that Microsoft follows to secure all products.

This documentation is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it.

This documentation does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.

© 2012 Microsoft Corporation. All rights reserved.

Licensed under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported