mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-25 03:37:23 +00:00
28 lines
1.4 KiB
Markdown
28 lines
1.4 KiB
Markdown
---
|
|
title: Microsoft Security Development Lifecycle
|
|
description: Download the Microsoft Security Development Lifecycle white paper that covers a security assurance process focused on software development.
|
|
author: paolomatarazzo
|
|
ms.author: paoloma
|
|
manager: aaroncz
|
|
ms.topic: article
|
|
ms.date: 07/31/2023
|
|
---
|
|
|
|
# Microsoft Security Development Lifecycle
|
|
|
|
The Security Development Lifecycle (SDL) is a security assurance process that is focused on software development. As a Microsoft-wide initiative and a mandatory policy since 2004, the SDL has played a critical role in embedding security and privacy in software and culture at Microsoft.
|
|
|
|
[:::image type="content" source="images/simplified-sdl.png" alt-text="Simplified secure development lifecycle":::](https://www.microsoft.com/en-us/securityengineering/sdl)
|
|
|
|
With the help of the combination of a holistic and practical approach, the SDL aims to reduce the number and severity of vulnerabilities in software. The SDL introduces security and privacy throughout all phases of the development process.
|
|
|
|
The Microsoft SDL is based on three core concepts:
|
|
|
|
- Education
|
|
- Continuous process improvement
|
|
- Accountability
|
|
|
|
To learn more about the SDL, visit the [Security Engineering site](https://www.microsoft.com/en-us/securityengineering/sdl).
|
|
|
|
And, download the [Simplified Implementation of the Microsoft SDL whitepaper](https://www.microsoft.com/download/details.aspx?id=12379).
|