(Click Category to List Courses)
42 - IT-S Information Technology - Security and Audit
IT-S 405 - Certified Secure Software Life-cycle Professional (CSSLP) Preparation Course
Code | Start Date | Duration | Venue | |
---|---|---|---|---|
IT-S 405 | 28 October 2024 | 5 Days | Istanbul | Registration Form Link |
IT-S 405 | 25 November 2024 | 5 Days | Istanbul | Registration Form Link |
IT-S 405 | 23 December 2024 | 5 Days | Istanbul | Registration Form Link |
Course Description
During different stages of software development, developers need to be aware of the latest security practices and how to apply them if they want to protect an organization against vulnerabilities and attacks which targets most sensitive data. This course provides in-depth coverage on the skills and concepts of software security including Software Concepts, Requirements, Design, Implementation, Testing, Lifecycle Management among others.
This is a course preparation for certification exam/procedure. The fee doesn't include exam fee. The exam date and application should be done by participant(s) themselves. Please contact us for details and further clarification.
Course Objectives
- Developing an application security program
- Reducing production costs, source code vulnerabilities and delivery delays
- Enhancing the credibility of organizations and teams
- Reducing losses due to insecure software breaches
Who Should Attend?
- Software Developers
- Software Engineers,
- Software Architects
- Penetration Testers
Course Details/Schedule
Day 1
- Core concepts
- Security design principle
- Security models and access control models
- Privacy
- Governance
- Risk assessment
- Compliance
Day 2
- Security requirements
- Interpret data and classification requirements
- SMART requirements
- Policy Decomposition
- Data Classification & Categorization
- Functional Requirements
- Operational Requirements
Day 3
- Secure Software Design
- Threat modeling
- Risks and controls
- Software Development Methodologies
- Securing Commonly Used Architecture
Day 4
- Secure Software Implementation/Coding
- Declarative versus Imperative (Programmatic) Security
- Vulnerability Database / Lists
- Defensive Coding Practices and Controls
- Source Code and Versioning
- Development and Build Environment
- Code / Peer Review
- Code Analysis
- Anti-tampering Techniques
Day 5
- Secure Software Testing
- Developing security tests
- Verification Validation Certification and Accreditation
- Software Acceptance
- Software Deployment, Operations, Maintenance and Disposal
- Supply Chain & Software Acquisition