This is a guide to security management in multi-cloud applications lifecycle. It is a first draft of best practices and guidelines to multi-cloud application developers and operators. It describes the MUSA framework’s impact on integrated and holistic management of application security across the whole life cycle. There are descriptions of MUSA activities, how they relate to a case study example, what is meant by multi-cloud security and an initial lifecycle description and its relationship to MUSA framework.