-
Microsoft Security Development Lifecycle (SDL)
With today’s complex threat landscape, it’s more important than ever to build security into your applications and services from the ground up. Discover how we build more secure software and address security compliance requirements. -
Operational Security Assurance (OSA)
OSA outlines security engineering practices that organizations should adopt and is a framework used to improve core aspects of operational security of online services. -
Secure DevOps
Development and operations should be tightly integrated to enable fast and continuous delivery of value to end users. Find out how.
Overview
The Microsoft SDL introduces security and privacy considerations throughout all phases of the development process, helping developers build highly secure software, address security compliance requirements, and reduce development costs. The guidance, best practices, tools, and processes in the Microsoft SDL are practices we use internally to build more secure products and services. Since first shared in 2008, we’ve updated the practices as a result of our growing experience with new scenarios, like the cloud, Internet of Things (IoT), and artificial intelligence (AI).
About SDL
Learn about the history of the Microsoft SDL.
Learn more
Getting started
Prescriptive guidance on how to get started with the SDL.
Learn more
Threat Modeling
Find out how the SDL Threat Modeling Tool can help identify and mitigate potential security issues early.
Learn more
Consulting Services
Discover how Microsoft Services can help you adopt and implement the SDL process.
Learn more