What Is the Microsoft Security Development Lifecycle (SDL)?
The SDL is a software development security assurance process consisting of security practices grouped by seven phases of the traditional software development life cycle. Experience at Microsoft has shown that security practices executed in chronological order help produce greater security gains and cost benefits than ad hoc implementation. The SDL process is not specific to Microsoft or the Windows platform and can be applied to different operating systems, platforms, development methodologies, and to projects of any size.
What Types of Software Benefit from the SDL?
If your organization builds software with one or more of the following characteristics, you should consider adopting the SDL:
- The software will be deployed in a business or enterprise environment
- The software must meet regulatory requirements for how data is transmitted, stored, and displayed
- The software communicates regularly over the Internet or other networks