Schedule NTC

Cisco Authorized Training System & Network Foundation Professional Network Cabling System CompTIA EC-Council Security Additional IT Security CCC Cloud Computing Big Data SDN Certification Project Management Training PRINCE2® AGILE DevOps ITIL® COBIT ISO Training (IRCA Auditor) Data Center Certification (EPI) Certified IT Training (EPI) Lean IT (LITA) CISSP ISACA Certification Sourcing Governance Foundation Business Simulation Game Programming & Software Development Professional Skill Digital Marketing Professional CMMI Framework SDI Certification Linux VMware Zimbra Python IoT Citrix Fortinet Data Mining Finance English for Business Microsoft Office Human Resource Training Customized Training NTC's Event

Top Interested Training Courses

Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) ISO20000 Information Technology Service Management (ITSMS) Building Cisco Service Provider Next-Generation Networks, Part 1 (SPNGN1) Implementing Cisco Data Center Unified Computing (DCUCI) Deploying Cisco Service Provider Network Routing (SPROUTE)

Secure Software Development Life Cycle (SDLC)

Duration 2 Days

COURSE DESCRIPTION

This course is an intensive 2-days course that provides the principles of Secure Software Development Life Cycle (SSDLC) and practical methods to secure requirements, Design, Implementation, Testing, Deployment and Maintenance your software development.

COURSE OBJECTIVES

To understand how to establish secure software development life cycle processes within your Organization
To understand how to assess security requirements for software development
To understand software vulnerability
To understand how to evaluate security risks to your software

COURSE OUTLINE

Module 1: Introduction to software security

Topology of an Application Attack
Challenge
Attacker vs Defender
Cost of Software Security

Module 2: SDLC Model

Waterfall
Iterative
Spiral
Extreme Programming(XP)
Scrum
SSDLC

Module 3: Software Security

Risk Management
Security Profile
Governance
Compliance and Privacy
Methodologies and Frameworks
Trusted Computing
Acquisitions

Module 4: Requirement phase

Security Requirement
Requirements Elicitation Techniques
Policy Decomposition
Data Classification
Subject/Object Modeling
Use/Misuse Case Modeling
Requirements Documentation

Module 5: Design phase

Secure Design Principle
Views
Security Models
Design Considerations
Threat Modeling
Architectures
Technologies
Design Review

Module 6: Implementation phase

Programming Concepts
Methodologies
Software Attacks
Secure Software Process
Build Environment Security

Module 7: Testing phase

Software Quality Assurance
Security Testing

Module 8: Deployment, Operations, Maintenance and Disposal Phase

Hardening
Secure Installation
Configuration Management
Post Deployment Assessment
Continuous monitoring
Incident Management
Problem Management
Secure Disposal

WHO SHOULD ATTEND

Application developer, Software development project manager, IT auditor, Tester, Software Quality
Assurance (SQA), Software Engineer, Information Security officer, Database administrator

Register

Youtube Facebook Twitter

Name :
Email :