• Installs SDL requirements as work items
  • Includes SDL-based check-in policies
  • Customizes security bugs and queries
  • Includes extensive SDL how-to and guidance documentation
  • Generates auditable Final Security Review report
  • Accommodates third-party tool integration (e.g., the SDL Threat Modeling Tool)
  • Includes project plans and security risk assessment templates

  • Eases the adoption of the SDL

  • The SDL Process Template automates the creation of SDL requirements and enables development teams to begin adopting the SDL process without having to be fully trained on the SDL. It integrates the SDL into everyday tasks by leveraging the existing development environment (Visual Studio) and the project-wide framework (VSTS) in a way that is familiar to program managers and testers, as well as developers.
    • click to enlarge


  • Provides auditable security requirements and status

  • The SDL Process Template generates a detailed Final Security Review report that provides an up-to-the- minute overview of security issues, testing results, and status for all security requirements associated with a project. This report allows management to document and verify that SDL requirements were met prior to a product’s release.
    • click to enlarge


  • Demonstrates security return on investment

  • The SDL Process Template allows for the integration of third-party tools that work with TFS. Through reporting, the template provides data that allows you to assess the effectiveness of your security tools. In addition, the template enables you to experience the benefits of the SDL by discovering security issues early in your development lifecycle, reducing the total cost of development.
    • click to enlarge