Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Add a Security Bug Bar to Microsoft Team Foundation....

25 Feb 2010   #1

Win 7 Ultimate 64-bit. SP1.
Add a Security Bug Bar to Microsoft Team Foundation....

Add a Security Bug Bar to Microsoft Team Foundation Server 2010.

One of the most contentious tasks a software development team faces during the course of its products’ lifecycles is triaging bugs. Deciding the relative level of importance of any given bug—and consequently determining the chance that that bug might not be fixed at all in time for release—is a serious matter to everyone involved in the product’s development.

Programmers, testers, architects and program managers all have different viewpoints and base their individual triage decisions on disparate factors such as:
  • How much code would have to be regression-tested once the fix is made.
  • How close to release the project is.
  • How many users would be affected by the change.
  • Whether the bug is blocking other issues from being tested or fixed.
I will admit that these are all important factors to consider when triaging functional bugs in product features. However, none of these factors should play any role in determining whether to fix security bugs—that is, bugs that could potentially lead to security vulnerabilities in the product. Classification of security bugs must be objective and consistent. It doesn’t make any difference to an attacker that you found a vulnerability only a week before your code-complete milestone; he’ll exploit it just the same.

This column describes the objective security bug classification system—the “bug bar”—used by Microsoft internal product and online services teams, which is required by the Security Development Lifecycle (SDL). It also shows how you can incorporate this classification system into your own development environment using Microsoft Team Foundation Server 2010.
Source -
Security Briefs - Add a Security Bug Bar to Microsoft Team Foundation Server 2010

My System SpecsSystem Spec


 Add a Security Bug Bar to Microsoft Team Foundation....

Thread Tools

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:47 PM.
Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33