Microsoft released its first ever Security Development Lifecycle (SDL) Progress Report today, outlining nine years of progress developing, improving and adopting the SDL process.
The new SDL Progress Report provides IT business decision makers with a correlation between secure development, reduced attacks and business efficiencies. Using both Microsoft and outside information, the report concludes that adopting secure development processes, like the SDL, can identify vulnerabilities earlier and offset the costly cycle of addressing vulnerabilities at the end of the development cycle or after an attack.
The document also shows how a two-pronged approach, combining technology (i.e. defense-in-depth features, tools, etc.) and processes, can enhance the benefits of secure development. Finally, the new report shows where security mitigations built into Windows operating systems have gained the most traction among industry application developers.
More information and a download of the report are available here.
Related Column: Lessons from the Trenches on Implementing a Secure Development Lifecycle
Related Column: Implementing a Secure Development Lifecycle: The Importance of Executive Support

More from SecurityWeek News
- Threat Hunting Summit Virtual Event NOW LIVE
- Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
- Threat Modeling Firm IriusRisk Raises $29 Million
- SentinelOne Announces $100 Million Venture Fund
- Today: 2022 CISO Forum Virtual Event
- Cymulate Closes $70M Series D Funding Round
- SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
- Privilege Escalation Flaw Haunts VMware Tools
Latest News
- Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
- OpenAI Unveils Million-Dollar Cybersecurity Grant Program
- Galvanick Banks $10 Million for Industrial XDR Technology
- Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer
- US, South Korea Detail North Korea’s Social Engineering Techniques
- High-Severity Vulnerabilities Patched in Splunk Enterprise
- Idaho Hospitals Working to Resume Full Operations After Cyberattack
