The VMware Security Development Lifecycle (SDL) program identifies and mitigates security risk during the development phase of VMware software products. VMware also operates the VMware Security Response Center (VSRC) to conduct the analysis and remediation of software security issues in VMware products.

The SDL is the software development methodology that the VMware Security Engineering, Communication, and Response (vSECR) group, and VMware product development groups, use to help identify and mitigate security issues. For more information about the VMware Security Development Lifecycle, see the webpage at https://www.vmware.com/security/sdl.html.

The VSCR works with customers and the security research community to achieve the goals of addressing security issues and providing customers with actionable security information in a timely manner. For more information about the VMware Security Response Center, see the webpage at https://www.vmware.com/security/vsrc.html.