Skip to main content

Increase Your Microsoft SDL I.Q.

Published: March 26, 2014

Author: Ken Malcolmson, Group Manager, Microsoft Trustworthy Computing

This year is the tenth anniversary of the creation of Microsoft’s Security Development Lifecycle. Over the last decade the technology-agnostic SDL has been refined and improved based on real-world feedback, made available free of charge for anyone to adapt and adopt in their own environment, and most recently been declared to meet or exceed the guidance published in ISO/IEC 27034-1, the first international standard to address secure software development requirements.

The free SDL guidance, tools and resources have been downloaded more than a million times and adopted by organizations large and small around the world. In today’s landscape, where concerns over supply chain security, protecting customer data and personally identifiable information, and defending against malicious attackers are keeping IT professionals and managers awake at night, the SDL offers a flexible and adaptable secure development framework that can be introduced into any development environment. As a result, here are 10 of the top resources that can help you better understand and utilize the SDL in your organization:

About the Author

Ken MalcolmsonKen Malcolmson is a group marketing communications manager in Microsoft’s Trustworthy Computing Group. Ken and his team manage marketing and communications for a range of security domains at the company, including Microsoft’s corporate security strategy; the Microsoft Security Engineering Center, which includes the Security Development Lifecycle  and Security Science; the Microsoft Security Intelligence Report, which provides in-depth analysis of the global threat landscape; and Microsoft’s collaborative work with governments, multinational organizations and both industry and non-profit groups to enhance security across the cyber-ecosystem.

Before joining Microsoft, Malcolmson spent more than ten years with the United Kingdom Ministry of Defense. He held a variety of IT-related roles where he developed a long-standing interest in security topics.

Microsoft Security Newsletter

Sign up for a free monthly roundup of security news, bulletins, and guidance for IT pros and developers.