The Secure Software Development Lifecycles (SDLC) Best Practices Course will cover the following topics and more:

Introduction Software Development Security

• Understand and integrate security in the Software Development Life Cycle (SDLC)
• Identify and apply security controls in development environments
• Assess the effectiveness of software security
• Assess security impact of acquired software
• Define and apply secure coding guidelines and standards

Secure Software Concepts

• Core Concepts
• Security Design Principles

Secure Software Requirements

• Identify Security Requirements
• Interpret Data Classification Requirements
• Identify Privacy Requirements
• Develop Misuse and Abuse Cases
• Include Security in Software Requirement Specifications
• Develop Security Requirement Traceability Matrix

Secure Software Design

• Perform Threat Modeling
• Define the Security Architecture
• Performing Secure Interface Design
• Performing Architectural Risk Assessment
• Modeling (Non-Functional) Security Properties and Constraints
• Model and Classify Data
• Evaluate and Select Reusable Secure Design
• Perform Design Security Review
• Design Secure Assembly Architecture for Component-Based Systems
• Use Security Enhancing Architecture and Design Tools
• Use Secure Design Principles and Patterns

Secure Software Implementation/ Programming

• Follow Secure Coding Practices
• Analyze Code for Security Vulnerabilities
• Implement Security Controls
• Fix Security Vulnerabilities
• Look for Malicious Code
• Securely Reuse Third Party Code or Libraries
• Securely Integrate Components
• Apply Security during the Build Process
• Debug Security Errors

Secure Software Testing

• Develop Security Test Cases
• Develop Security Testing Strategy and Plan
• Identify Undocumented Functionality
• Interpret Security Implications of Test Results
• Classify and Track Security Errors
• Secure Test Data
• Develop or Obtain Security Test Data
• Perform Verification and Validation Testing (e.g., IV&V)

Secure Lifecycle Management

• Secure Configuration and Version Control
• Establish Security Milestones
• Choose a Secure Software Methodology
• Identify Security Standards and Frameworks
• Create Security Documentation
• Develop Security Metrics
• Decommission Software
• Report Security Status
• Support Governance, Risk, and Compliance (GRC)

Software Deployment, Operations, and Maintenance

• Perform Implementation Risk Analysis
• Release Software Securely
• Securely Store and Manage Security Data
• Ensure Secure Installation
• Perform Post-Deployment Security Testing
• Obtain Security Approval to Operate
• Perform Security Monitoring (e.g., managing error logs, audits, meeting SLAs, CIA metrics)
• Support Incident Response
• Supply Chain and Software Acquisition
• Analyze Security of Third-Party Software
• Verify Pedigree and Provenance
• Provide Security Support to the Acquisition Process

Course Booking

Please use the "Book Now" or "Inquire" buttons on this page to reserve your space or request for more information