Microsoft has released a new wave of updates and technical content additions for its Security Development Lifecycle (SDL) website, which contains resources for securely developing and testing software.
These changes affect the SDL Developer Starter Kit, security tooling guidance, and compiler and cryptographic recommendations. Microsoft has consolidated its Security Tools recommendations, replaced BinScope with BinSkim, and published guidance to help developers with cryptography, among other updates.
"Detailed Cryptographic Recommendations taken from Microsoft internal standards are now available for the first time – providing valuable guidance for developers looking to build cryptography into applications and services in line with Microsoft's own practices," Andrew Marshall, Microsoft's principal security program manager for security engineering wrote in a blog post today announcing the updates.
The DSL updates are part of a broader investment to improve security at Microsoft, and the company promises additional changes in coming months.
Read more details on the Microsoft blog.