Loading AI tools
Software development process to improve security From Wikipedia, the free encyclopedia
The Microsoft Security Development Lifecycle (SDL) is the approach Microsoft uses to integrate security into DevOps processes (sometimes called a DevSecOps approach). You can use this SDL guidance and documentation to adapt this approach and practices to your organization.
The practices described in the SDL approach can be applied to all types of software development and all platforms from classic waterfall through to modern DevOps approaches and can be generally applied across:
The SDL recommends 10 security practices to incorporate into your development workflows. Applying the 10 security practices of SDL is an ongoing process of improvement so a key recommendation is to begin from some point and keep enhancing as you proceed. This continuous process involves changes to culture, strategy, processes, and technical controls as you embed security skills and practices into DevOps workflows.
The 10 SDL practices are:
Version | Release date | Link |
---|---|---|
1 | January 2004 | Unreleased |
2 | July 2004 | Unreleased |
2.1 | January 2005 | Unreleased |
2.2 | July 2005 | Unreleased |
3 | January 2006 | Unreleased |
3.2 | 2008-04-15 | http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=24308 |
4.1 | 2009-06-01 | http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=15526 |
4.1a | 2010-04-15 | http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17701 |
5 | 2010-05-11 | http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=12285 |
5.2 | 2012-05-23 | http://www.microsoft.com/en-us/download/details.aspx?id=29884 |
6 | 2024-05-21 | https://www.microsoft.com/securityengineering/sdl |
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.