Fundamentals of Secure Application Development Course Details:

The best security investment you can make is deploying secure code.
The rules of information security aren’t what they used to be. Hackers aren’t kids in basements–they’re professionals and organized criminal groups around the world. They seek to break into systems and steal data any way they can.

Unfortunately, the vast majority of hacks are not due to insecure networks or misconfigured firewalls. They are a result of common software flaws coded into applications. Even with a good information security policy, the reality is that software developers are often underserved when it comes to having a security strategy. If your applications get built without attention to software security practices, risk gets passed downstream and by the time an incident occurs, it’s too late.

From proactive requirements to coding and testing, this course covers the best practices you need to avoid opening up your users, customers, and organization to attack at the application layer. We share only the most recent best practices, and our experts will answer your questions live in class. You’ll return to work ready to build higher quality and more robustly protected applications.

    Sep 28 2021

    Date: 09/28/2021 - 09/29/2021 (Tuesday - Wednesday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    September 28 - 29, 2021 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Oct 6 2021

    Date: 10/06/2021 - 10/07/2021 (Wednesday - Thursday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    October 6 - 7, 2021 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Nov 9 2021

    Date: 11/09/2021 - 11/10/2021 (Tuesday - Wednesday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    November 9 - 10, 2021 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Nov 15 2021

    Date: 11/15/2021 - 11/16/2021 (Monday - Tuesday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    November 15 - 16, 2021 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Dec 7 2021

    Date: 12/07/2021 - 12/08/2021 (Tuesday - Wednesday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    December 7 - 8, 2021 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Jan 10 2022

    Date: 01/10/2022 - 01/11/2022 (Monday - Tuesday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    January 10 - 11, 2022 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Mar 28 2022

    Date: 03/28/2022 - 03/29/2022 (Monday - Tuesday) | 10:00 AM - 6:00 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    March 28 - 29, 2022 | 10:00 AM - 6:00 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    May 5 2022

    Date: 05/05/2022 - 05/06/2022 (Thursday - Friday) | 12:00 PM - 8:00 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    May 5 - 6, 2022 | 12:00 PM - 8:00 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Jul 21 2022

    Date: 07/21/2022 - 07/22/2022 (Thursday - Friday) | 9:00 AM - 5:00 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    July 21 - 22, 2022 | 9:00 AM - 5:00 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Sep 19 2022

    Date: 09/19/2022 - 09/20/2022 (Monday - Tuesday) | 10:00 AM - 6:00 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    September 19 - 20, 2022 | 10:00 AM - 6:00 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

    Nov 3 2022

    Date: 11/03/2022 - 11/04/2022 (Thursday - Friday) | 8:30 AM - 4:30 PM (EST)
    Location: ONLINE (Virtual Classroom Live)
    Delivery Format: VIRTUAL CLASSROOM LIVE Request Quote & Enroll

    Success! Your message has been sent to us.
    Error! There was an error sending your message.
    REQUEST MORE INFO:

    Fundamentals of Secure Application Development

    November 3 - 4, 2022 | 8:30 AM - 4:30 PM (EST) | Virtual Classroom Live


    How Did You Hear of Global IT Training?

    Join Our Email List?

Secure Software Development

  • Assets, Threats and Vulnerabilities
  • Security Risk Analysis (Bus and Tech)
  • Secure Dev Processes (MS, BSI…)
  • Defense in Depth
  • Approach for this course

The Context for Secure Development

  • Assets to be protected
  • Threats Expected
  • Security Imperatives (internal and external)
  • Organization’s Risk Appetite
  • Security Terminology
  • Organizational Security Policy
  • Security Roles and Responsibilities
  • Security Training for Roles
  • Generic Security Goals and Requirements

Security Requirements

  • Project-Specific Security Terms
  • Project-Related Assets and Security Goals
  • Product Architecture Analysis
  • Use Cases and Miscellaneous Use/Abuse Cases
  • Dataflows with Trust Boundaries
  • Product Security Risk Analysis
  • Elicit, Categorize, Prioritize SecRqts
  • Validate Security Requirements

Designing Secure Software

High-Level Design

  • Architectural Risk Analysis
  • Design Requirements
  • Analyze Attack Surface
  • Threat Modeling
  • Trust Boundaries
  • Eliminate Race Objects

Detail-Level Design

  • Secure Design Principles
  • Use of Security Wrappers
  • Input Validation
  • Design Pitfalls
  • Validating Design Security
  • Pairing Mem Mgmt Functions
  • Exclude User Input from format strings
  • Canonicalization
  • TOCTOU
  • Close Race Windows
  • Taint Analysis

Writing Secure Code

Coding

  • Developer guidelines and checklists
  • Compiler Security Settings (per)
  • Tools to use
  • Coding Standards (per language)
  • Common pitfalls (per language)
  • Secure/Safe functions/methods
  • Integer type selection
  • Synchronization Primitives

Early Verifications

  • Static Analysis (Code Review w/tools)
  • Unit and Dev Team Testing
  • Risk-Based Security Testing
  • Taint Analysis

Testing for Software Security 

  • Assets to be protected
  • Threats Expected
  • Security Imperatives (internal and external)
  • Organization’s Risk Appetite
  • Static Analysis
  • Dynamic Analysis
  • Risk-Based Security testing
  • Fuzz Testing (Whitebox vs. Blackbox)
  • Penetration Testing (Whitebox vs. Blackbox)
  • Attack Surface Review
  • Code audits
  • Independent Security Review

Releasing and Operating Secure Software

  • Incident Response Planning 
  • Final Security Review
  • Release Archive
  • OS Protections
  • Monitoring
  • Incident Response
  • Penetration Testing

Making Software Development More Secure

  • Process Review
  • Getting Started
  • Priorities

*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.
  • Understand assets, threats, vulnerabilities, and risks
  • The content around secure development
  • Gathering and understanding security requirements
  • How to design secure software
  • How to write secure code
  • How to test your software
  • Releasing secure software

 

  • Application Developer
  • Software Engineers
  • Software Tester
  • Technical Leadership
  • Security Administrators

 

Ready to Jumpstart Your IT Career?

CONTACT US NOW!