LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the seven phases of Microsoft's Security Development Lifecycle (SDL)?

Training → Requirements → Design → Implementation → Verification → Release → Response — five core phases bracketed by upfront Training and post-ship Response.

The seven SDL phases as a serpentine: Training → Requirements → Design → Implementation → Verification → Release → Response.

* Microsoft SDL — Training, Requirements, Design, Implementation, Verification, Release, Response. *

Phase Focus
Training Security education for developers
Requirements Define security/privacy requirements, assign Security Advisor
Design Threat modeling, attack surface analysis
Implementation Secure coding, static analysis, banned APIs
Verification Security testing, fuzz testing, penetration testing
Release Final security review, incident response plan
Response Handle security incidents post-release

Supporting pillars: Education, Process, Accountability

Mnemonic: "TRaDe In VeRy Rare" - Training, Requirements, Design, Implementation, Verification, Release, Response

Go deeper:

From Quiz: SPRG / SDL and Threat Modeling | Updated: Jul 14, 2026