VMware Security Development Lifecycle

The VMware Security Development Lifecycle (SDL) is our methodology for developing secure software through required and recommended activities that help product teams develop more secure code. These activities follow standard security practices including product security assessments, threat modeling, static and dynamic scans, and penetration testing.

The VMware Security Engineering, Communications & Response group updates our SDL methodology regularly based on evolving security awareness and practices in the industry, increasing knowledge and changing business requirements regarding the practice of software security in VMware, and internal measurements of the effectiveness of our SDL.

Sign up for Security Advisories

Enter your email address:


VMware Security Response Center

Stay informed about security issues and considerations for your virtual infrastructure.

Visit Security Response Center