Quiz Entry - updated: 2026.07.14
What are the seven phases of Microsoft's Security Development Lifecycle (SDL)?
Training → Requirements → Design → Implementation → Verification → Release → Response — five core phases bracketed by upfront Training and post-ship Response.
* Microsoft SDL — Training, Requirements, Design, Implementation, Verification, Release, Response. *
| Phase | Focus |
|---|---|
| Training | Security education for developers |
| Requirements | Define security/privacy requirements, assign Security Advisor |
| Design | Threat modeling, attack surface analysis |
| Implementation | Secure coding, static analysis, banned APIs |
| Verification | Security testing, fuzz testing, penetration testing |
| Release | Final security review, incident response plan |
| Response | Handle security incidents post-release |
Supporting pillars: Education, Process, Accountability
Mnemonic: "TRaDe In VeRy Rare" - Training, Requirements, Design, Implementation, Verification, Release, Response
Go deeper:
Microsoft Security Development Lifecycle — the five core phases bracketed by Training and Response.