Students who attend Secure Software Design will leave the course armed with the skills required to recognize software vulnerabilities (actual and potential) and design defenses for those vulnerabilities. This course quickly introduces developers to the various types of threats against their software. The concept and process of Threat Modeling is introduced as a key enabler for architecting effective and appropriate security for software and information assets.
- Please also note that secure coding training is PCI Compliant, as it addresses common coding vulnerabilities in software development processes. This training is used by one of the principle participants in the PCI DSS. Having passed multiple PCI audits, this course has been shown to meet the PCI requirements.
- Understand the concepts and terminology behind defensive coding
- Understand and use Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against
- meaningful assets
- Learn the entire spectrum of threats and attacks that take place against software applications in today’s world
- Use Threat Modeling to identify potential vulnerabilities in a real life case study
- Understand and implement the processes and measures associated with the security development lifecycle (SDL)
- Acquire the skills, tools, and best practices for design reviews as well as testing initiatives
- Understand the basics of security testing and planning
- Work through a comprehensive testing plan for recognized vulnerabilities and weaknesses