Microsoft Security Development Lifecycle

The Security Development Lifecycle (SDL) is a security assurance process that is focused on software development. As a Microsoft-wide initiative and a mandatory policy since 2004, the SDL has played a critical role in embedding security and privacy in software and culture at Microsoft.

Simplified secure development lifecycle

With the help of the combination of a holistic and practical approach, the SDL aims to reduce the number and severity of vulnerabilities in software. The SDL introduces security and privacy throughout all phases of the development process.

The Microsoft SDL is based on three core concepts:

  • Education
  • Continuous process improvement
  • Accountability

To learn more about the SDL, visit the Security Engineering site.

And, download the Simplified Implementation of the Microsoft SDL whitepaper.