Home / Definitions / Microsoft Security Development Lifecycle (SDL)

Microsoft Security Development Lifecycle (SDL)

Forrest Stroud
Last Updated May 24, 2021 7:48 am

A company-wide process from Microsoft for performing regular code reviews for Microsoft software products to reduce security issues and resolve security vulnerabilities in a timely fashion. Microsoft Security Development Lifecycle (SDL) efforts are grouped into seven phases: training, requirements, design, implementation, verification, release and response.

The Microsoft Security Development Lifecycle was first announced in 2003, and is built largely on the premise of mitigating classes of potentialx security exploits as opposed to addressing specific exploits on a case-by-case basis. The Microsoft SDL was also developed to help protect against unforeseen threats, which is accomplished in part by the company working with security research community to improve security and resolve new and emerging vulnerabilities.