TRAINING CATEGORIES
(Click Category to List Courses)

42 - IT-S Information Technology - Security and Audit


IT-S 405 - Certified Secure Software Life-cycle Professional (CSSLP) Preparation Course

Code Start Date Duration Venue
IT-S 405 10 June 2024 5 Days Istanbul Registration Form Link
IT-S 405 08 July 2024 5 Days Istanbul Registration Form Link
IT-S 405 05 August 2024 5 Days Istanbul Registration Form Link
IT-S 405 02 September 2024 5 Days Istanbul Registration Form Link
IT-S 405 28 October 2024 5 Days Istanbul Registration Form Link
IT-S 405 25 November 2024 5 Days Istanbul Registration Form Link
IT-S 405 23 December 2024 5 Days Istanbul Registration Form Link
Please contact us for fees

 

Course Description

During different stages of software development, developers need to be aware of the latest security practices and how to apply them if they want to protect an organization against vulnerabilities and attacks which targets most sensitive data. This course provides in-depth coverage on the skills and concepts of software security including Software Concepts, Requirements, Design, Implementation, Testing, Lifecycle Management among others.

This is a course preparation for certification exam/procedure. The fee doesn't include exam fee. The exam date and application should be done by participant(s) themselves. Please contact us for details and further clarification.

Course Objectives

  • Developing an application security program 
  • Reducing production costs, source code vulnerabilities and delivery delays
  • Enhancing the credibility of organizations and teams
  • Reducing losses due to insecure software breaches

Who Should Attend?

  • Software Developers
  • Software Engineers,
  • Software Architects
  • Penetration Testers 

Course Details/Schedule

Day 1

  • Core concepts
  • Security design principle
  • Security models and access control models 
  • Privacy 
  • Governance
  • Risk assessment 
  • Compliance 

Day 2

  • Security requirements 
  • Interpret data and classification requirements 
  • SMART requirements 
  • Policy Decomposition 
  • Data Classification & Categorization 
  • Functional Requirements
  • Operational Requirements

Day 3

  • Secure Software Design
  • Threat modeling 
  • Risks and controls 
  • Software Development Methodologies
  • Securing Commonly Used Architecture

Day 4

  • Secure Software Implementation/Coding
  • Declarative versus Imperative (Programmatic) Security 
  • Vulnerability Database / Lists 
  • Defensive Coding Practices and Controls 
  • Source Code and Versioning 
  • Development and Build Environment 
  • Code / Peer Review
  • Code Analysis
  • Anti-tampering Techniques

Day 5

  • Secure Software Testing
  • Developing security tests 
  • Verification Validation Certification and Accreditation 
  • Software Acceptance
  • Software Deployment, Operations, Maintenance and Disposal
  • Supply Chain & Software Acquisition