LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the three pillars of a secure SDL process according to Microsoft SDL?

Education, Process, and Accountability — train people, give teams a defined secure process, and tie release sign-off to meeting it.

Microsoft's Security Development Lifecycle (SDL) rests on three pillars that span the whole development flow:

Pillar What it means
Education Administer and track security training so developers know the threats.
Process Guide product teams to meet defined SDL requirements at each phase.
Accountability Establish release criteria and require sign-off (a Final Security Review) before shipping.

Why these three: training without a process gives knowledgeable teams no structure; a process without accountability gets skipped under deadline pressure; accountability without education just blocks releases nobody knows how to unblock. Together they make security a continuous, ongoing improvement rather than a one-off gate.

From Quiz: SPRG / Repetition and Review | Updated: Jul 14, 2026