Understand the critical aspects of secure software design and development.
What you will learn
Determine how to specify the proper software architecture to meet your software security requirements
Identify the correct software build requirements needed for a secure software program
What are the critical aspects of secure development
Anyone preparing for the (ISC)² Certified Secure Software Lifecycle Professional (CSSLP) exam would benefit as well
Description
Course Overview
In this course series we cover what secure software design means and why software can meet all quality requirements and still be insecure.
Please note that this course is providing introductory concepts for beginners and is NOT a programming course or has any hands on.
This course specifically, Secure Software Design is meant to provide learners a foundational start in software design that is focused around security. The course covers important aspects around the need for Secure Software Design, understanding the Attack Surface Evaluation processes and what a Threat Model Attack Tree is.
The course continues on to cover Secure Design Review, Risk Management, how to Define Security Architecture and a Whiteboard Discussion to name a few lessons.
The course provides some review questions and also whiteboard discussions to provide insight into some important topics.
Lastly, the course series covers about 65% or more of the exam objectives for the CSSLP exam when completing all eight courses!
There are many benefits of designing security early which we cover in this course.
This is a series of courses for learning about “Secure Software Development Fundamentals”
- Course 1 – Secure Software Concepts
- Course 2 – Secure Software Requirements
- Course 3 – Secure Software Design
- Course 4 – Defining Security Architectures
- Course 5 – Secure Software Testing
- Course 6 – Secure Software Acceptance
- Course 7 – Software Deployment, Operations and Maintenance
- Course 8 – Supply Chain and Software Acquisition
Who should take this course (Target Audience)?
- You are a developer or software engineer and want to understand
- You want to learn IT security fundamentals focused on software development
What are the Couse Pre Requirements?
There are no course pre-requirement
What You’ll Learn
- What are the critical aspects of secure development
- What is the CIA Triad, AAA and other security fundamentals
- Identify the correct software build requirements needed for a secure software program
- Determine how to specify the proper software architecture to meet your software security requirements
- Understand what the commonly accepted best practices are software acceptance
- Determine the proper software acquisition and supply chain requirements for your software programs
- Get to know the proper software testing procedure for a secure software program.
Requirements
- No Requirements
Course Contents
- Course Overview, Instructor Intro, Course Prereqs
- Main Modules covered are: Need for Secure Software Design Attack Surface Evaluation Threat Model Attack Tree Secure Design Review Risk Management Define Security Architecture Whiteboard Discussion Module Review
- Review Questions
- Course Closeout
Content