Secure by Design

Course

Online

£ 1,799 + VAT

Description

  • Type

    Course

  • Methodology

    Online

With the increase in cyber-attacks on business, it's time to start building security into new systems developments right from the start. The majority of successful cyber-attacks depend on exploiting a few well-known common vulnerabilities. This course will show how to design security in, and maintain that security throughout a systems life-cycle from initial requirements through to de-commissioning and disposal of assets. Learning Objectives Delegates will learn how to                       Understand the main SDLC Models, and their principal differences  Be able to choose which SDLC model is most appropriate in a given situation.  Learn how to apply secure development techniques from the initial design stage and throughout a development lifecycle  Understand the latest (2013) OWASP vulnerabilities and how to counter/mitigate them  Learn about useful system design tools  Understand and learn how to apply secure design and coding techniques  Discover resources to help introduce and use secure design and development techniques  Understand the benefits of code review  Understand various testing strategies  Learn about encryption, securing and compromising passwords and meta data  An introduction to the classification of security flaws

About this course

A general understanding of current systems development practices, methodologies and languages, and a broad understanding of current threats and system vulnerabilities. The intended audience is system architects, designers, analysts, developers, software testers, security practitioners, project managers and anyone with an interest in building and maintaining secure, robust systems. This course is not designed for the experienced software developer and does not cover hands-on coding.

Questions & Answers

Add your question

Our advisors and other users will be able to reply to you

Who would you like to address this question to?

Fill in your details to get a reply

We will only publish your name and question

Reviews

Subjects

  • Systems
  • Design
  • Testing

Course programme

Module 1 - Secure Development Lifecycle (SDLC)

  • An overview of the main SDLC models
  • Development models
  • Configuration and source code management
  • Risk analysis and mitigation

Module 2 - Secure By Design

  • Security design architectures
  • Security models and frameworks
  • Systems design tools and methodologies

Module 3 - Application Security

  • Vulnerabilities and mitigations available to any development environment
  • Attack vectors and security controls
  • The OWASP Top 10 in detail
  • Vulnerability No. 1 - Injection
  • Vulnerability No. 2 - Broken Authentication and Session management
  • Vulnerability No. 3 - Cross Site Scripting (XSS)
  • Vulnerability No. 4 - Insecure Direct Object References
  • Vulnerability No. 5 - Security Misconfiguration
  • Vulnerability No. 6 - Sensitive Data Exposure
  • Vulnerability No. 7 - Missing Functional-level access control
  • Vulnerability No. 8 - Cross-site request forgery
  • Vulnerability No. 9 - Using Known Vulnerable Components
  • Vulnerability No. 10 - Unvalidated Redirects and Forwards

Module 4 - Defensive Coding

  • Secure coding techniques and principles.
  • Methods of testing code, and code test analysis
  • Using, compromising and defending encryption, hashes and passwords
  • Classification of security flaws

Secure by Design

£ 1,799 + VAT