(Click Category to List Courses)

41 - IT-S Information Technology - Security and Audit

IT-S 405 - Certified Secure Software Life-cycle Professional (CSSLP) Preparation Course

Code Start Date Duration Venue
IT-S 405 19 June 2023 5 Days Istanbul Registration Form Link
IT-S 405 14 August 2023 5 Days Istanbul Registration Form Link
IT-S 405 09 October 2023 5 Days Istanbul Registration Form Link
IT-S 405 04 December 2023 5 Days Istanbul Registration Form Link
Please contact us for fees


Course Description

During different stages of software development, developers need to be aware of the latest security practices and how to apply them if they want to protect an organization against vulnerabilities and attacks which targets most sensitive data. This course provides in-depth coverage on the skills and concepts of software security including Software Concepts, Requirements, Design, Implementation, Testing, Lifecycle Management among others.

This is a course preparation for certification exam/procedure. The fee doesn't include exam fee. The exam date and application should be done by participant(s) themselves. Please contact us for details and further clarification.

Course Objectives

  • Developing an application security program 
  • Reducing production costs, source code vulnerabilities and delivery delays
  • Enhancing the credibility of organizations and teams
  • Reducing losses due to insecure software breaches

Who Should Attend?

  • Software Developers
  • Software Engineers,
  • Software Architects
  • Penetration Testers 

Course Details/Schedule

Day 1

  • Core concepts
  • Security design principle
  • Security models and access control models 
  • Privacy 
  • Governance
  • Risk assessment 
  • Compliance 

Day 2

  • Security requirements 
  • Interpret data and classification requirements 
  • SMART requirements 
  • Policy Decomposition 
  • Data Classification & Categorization 
  • Functional Requirements
  • Operational Requirements

Day 3

  • Secure Software Design
  • Threat modeling 
  • Risks and controls 
  • Software Development Methodologies
  • Securing Commonly Used Architecture

Day 4

  • Secure Software Implementation/Coding
  • Declarative versus Imperative (Programmatic) Security 
  • Vulnerability Database / Lists 
  • Defensive Coding Practices and Controls 
  • Source Code and Versioning 
  • Development and Build Environment 
  • Code / Peer Review
  • Code Analysis
  • Anti-tampering Techniques

Day 5

  • Secure Software Testing
  • Developing security tests 
  • Verification Validation Certification and Accreditation 
  • Software Acceptance
  • Software Deployment, Operations, Maintenance and Disposal
  • Supply Chain & Software Acquisition