Secure Software Design (TT8600)
Secure Software Design (TT8600) Course Details:
In this intense hands-on workshop, software application designers and architects will learn to build secure applications. You will be introduced to the concept and process of Threat Modeling as a key enabler for architecting effective and appropriate security for software and information assets. You will get an-depth review of the various types of threats against your software, and you will leave the course armed with the skills required to recognize software vulnerabilities (actual and potential) and design defenses for those vulnerabilities.
Please also note that secure coding training is PCI Compliant, as it addresses common coding vulnerabilities in software development processes. This training is used by one of the principle participants in the PCI DSS. Having passed multiple PCI audits, this course has been shown to meet the PCI requirements. The specification of those training requirements are detailed in 6.5.1 through 6.5.10 on pages 55 through 59 of the PCI DSS Requirements 3.0 document dated November 2013.
Throughout the course, you will learn the best practices for designing and architecting secure programs. You will take an application from requirements to implementation, analyzing and testing for software vulnerabilities and building appreciation for why software needs to be designed from the ground up in a secure fashion.
Call (919) 283-1653 to get a class scheduled online or in your area!
*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.
- Concepts and terminology behind defensive coding
- Use Threat Modeling as a tool in identifying software vulnerabilities based on threats against assets
- Learn the entire spectrum of threats and attacks that take place against software applications in today's world
- Threat Modeling for identifying potential vulnerabilities in a real life case study
- Implement the processes and measures associated with the security development lifecycle (SDL)
- Skills, tools, and best practices for design reviews as well as testing initiatives
- Basics of security testing and planning
- Work through a comprehensive testing plan for recognized vulnerabilities and weaknesses
This is an intermediate-level software design course designed for architects and stakeholders who wish to get up and running on building well-defended software applications.