From a Bill Gates memo to an industry practice: The story of Security Development Lifecycle

Most people would agree that Microsoft has come a long way from the dark days of frequent malware attacks and security flaws making headlines. Microsoft has now shared the untold, and thrilling, story of the Security Development Lifecycle at SDLstory.com with anecdotes of the early days, and never-earlier-seen video footage and photos of the key players.

While in the earliest days, hacking was just an underground hobby, the media attention that security attacks received fabricated it fascinating for cybercriminals as an opportunity for fame. The romanticism of breaking the web just because you could do information technology became a high. Just equally time went on, the attacks became more and more than malicious, exploiting software for fiscal proceeds.

These vulnerabilities gained media attending while Microsoft was working on a reactive mode. Incidents like these were and so meaning that they strained the company'south power to provide support to customers. And despite their security efforts, the company was losing the trust of customers.

Within all this mess, Bill Gates sent a landmark memo about software security and trust to all total-fourth dimension Microsoft employees wherein he coined the phrase 'Trustworthy Calculating'.

"… if we don't do this, people simply won't be willing — or able — to have advantage of all the other great work we do. Trustworthy Computing is the highest priority."

Not long later the memo, in February 2002, the unthinkable happened. The entire Windows division close down and diverted all of its developers to security. Everyone was given preparation to outline expectations and priorities — threat modeling, code reviews, available tools, penetration testing — all designed to modify the default behavior of the organisation to brand it more secure.

Microsoft began reinventing itself every bit a more secure computing company, and correct away there were skillful results. With new tools, new processes, and a new understanding of the security landscape, integrating security into product development was now a primary focus across Microsoft. And by late 2003, early versions of Microsoft's SDL began to have shape.

Once SDL got approved past the senior leadership, it was mandated to be embedded into the development bicycle, updated periodically, and applied to all products and online services that faced meaningful risk. The increased security of Microsoft's own software has been dramatic, in role due to the emphasis on standing to evolve over the past ten years.

Interestingly, the SDL has had a major touch on on the broader industry also. Early on, Microsoft decided to make the SDL'southward tools, processes and guidance available free of charge to any organization that wanted to adapt it to their own business. Every bit a upshot, the SDL has not but led to measurable improvements in the security and privacy of Microsoft's software and services, but also to a central shift in software development at many other companies. Ii of the world'due south largest technology companies, Adobe and Cisco, have adopted information technology.

Since its inception in 2004, and the external release of SDL tools and resources in 2008, Microsoft'south SDL guidance has been downloaded more than 1 1000000 times and reached more than 150 countries. From small developer shops to large enterprises, many are seeing benefits from a 'baking security in' approach. The SDL was built on the concept that security should not exist an afterthought.

Source: SDL Story

Elden Ring: New gameplay mechanics you need to know about

Going beyond Dark Souls gameplay

Elden Ring: New gameplay mechanics y'all need to know about

While Elden Ring brings dorsum many of the gameplay systems that Dark Souls players are used to, the game also features a variety of new mechanics besides. Hither'due south everything y'all need to know about what's new in FromSoftware's open-world action RPG.

Ahead of a 2022 release, Grounded has already reached 10 million players

Bigger than the backyard

Ahead of a 2022 release, Grounded has already reached ten 1000000 players

Grounded, the unique survival game from Obsidian Entertainment and Xbox Game Studios, has already crossed 10 meg players while in early access. The team is standing to piece of work on new updates and content ahead of Grounded'southward official release, at present slated for sometime in 2022.

ASUS ROG Strix X570-E is the best motherboard for Ryzen 9 5900X

Solid Foundations

ASUS ROG Strix X570-Due east is the best motherboard for Ryzen 9 5900X

The motherboard can prove a blessing or a hindrance when used with high-functioning processors like the AMD Ryzen ix 5900X, depending on which you go for. We've rounded upwards the all-time B550 and X570 motherboards that are compatible with the new Ryzen processor.