Security development lifecycle
The security development lifecycle (SDL) is a security process that can be embedded in any development process in use today. It helps to create security awareness in your team or department. By formalizing security and making it part of daily activities, it creates a culture in which security is an important part of the project, just like testing or design. Microsoft uses SDL to make sure security and privacy are upheld in its software. Just as testing aims to reduce bugs, SDL's main interest is to reduce vulnerabilities in software. What is special about SDL is that it makes security and privacy important in all phases of your development process.
SDL defines a number of activities and attaches these to the phases of the development process. An important part of SDL is that you should focus on the quality of the output required at the end of each phase. The next sections will dig deeper into the specifics of SDL in the...