The SDL process guidance requires or recommends the use of tools in order to perform security activities. It is important to use appropriate tools at the right stage in the development lifecycle. Incorporating tools into your development lifecycle is an investment in software quality. Tools can help you automate and scale certain activities, but they are not a panacea. You will need to validate that the tools you are considering meet your organization's cost and quality requirements and that you have the expertise to use them appropriately.
Microsoft makes templates and tools – available at no cost – to help you perform these activities.
The graphic below will help you identify how each of these tools fits into the SDL. Roll over each SDL phase of the graphic to get the list and description of the SDL tools or click on the tool to download it.