Storage Training

Storage Training
Kontakt | Standorte

 Sie sind hier: Home >> Workshops >> Security & Datenschutz >> SC470-EN Secure Development Principles

Finden:
Workshops 
  Noon2noon 
  Acronis 
  Automic (UC4) 
  AWS 
  Backup & Recovery 
  Brocade 
  Cloud 
  Commvault 
  Datenbanken 
  DevOps 
  Fujitsu 
  Governance, Risk & Compliance  
  Hochverfügbarkeit 
  Industrie 4.0 
  Künstliche Intelligenz 
  Linux/Unix 
  Microsoft 
  NetApp 
  NetApp für Partner 
  Netzwerke 
  SAP 
  Security & Datenschutz 
  Softwareentwicklung 
  Storage Solutions 
  Veeam 
  Virtualisierung 
  Web-Seminare 
  Zertifizierungen 

Training: Security - Softwareentwicklung - Certification

SC470-EN Secure Development Principles

 

description:
The SC470-EN Secure Development Principles workshop teaches you the theoretical principles of secure software development in a professional environment.

In addition to robust architecture, the focus is on business and threat modeling as well as risk handling. You will learn about all the building blocks of the secure development lifecycle: requirement gathering, secure design, secure implementation, secure testing and deployment. Specifically, the topics of business and project requirements, threat modeling and secure design will be covered.

The workshop places particular emphasis on current concepts, which are explored in depth using numerous interactive practical examples. This gives participants the opportunity to actively contribute their own experiences and requirements. By the end of the workshop, participants will have gained a solid understanding of secure software development in a professional environment and will be able to plan robust and secure applications and support their implementation.

The course is part of the "qSkills Secure Software Quadrant", which consists of:

target group:
The SC470-EN Secure Development Principles training is ideal for:
  • Software project managers / product owners
  • Business analysts / requirements engineers
  • IT consultants
  • Junior software/cloud architects
  • Junior software developers

requirements:
In order to be able to follow the course content and pace of learning in the SC470-EN Secure Development Principles workshop, professional experience in software development is helpful. Programming knowledge is not a prerequisite.
objectives:
The SC470-EN Secure Development Principles course provides:
  • Identify vulnerabilities in concepts and architectures
  • Identify business critical assets
  • Develop and describe attack vectors

price and duration:
duration: 4 days
price: 2850,- Euro + VAT
The optional certificate exam is not included in the course price and can be booked separately for €100 + VAT.

You can find the print view here.
dates:
Will be scheduled on request
Please let us know here, when you prefer to have this workshop!
agenda:
  • Introduction
    • What is secure coding and what is it not
    • Terminology and concept of training
  • Requirement Gathering
    • Business requirements (business area, processes, assets, etc.)
    • Project requirements (code maturity, internal functionality requirements, budget, legal requirements, etc.)
    • Threat model (protection goals, identification of attack vectors, risk management, mitigation strategies)
  • Secure Design
    • Secure Design Principles (Bugchains, Security by Design, Viega's and Graw's Principle)
    • Robust Architecture (Application Components, The Dependency Rule, Service Mesh)
    • Robust Technology Design (Development Considerations, Supply Chain Considerations)
  • Secure Implementation
    • OWASP Top 10, CWE, Best Practices
    • Authentication (Identification & Authentication, Broken Access Control)
    • Processing (Input Parsing, Injection)
    • Storage (Software & Data Integrity, Cryptographic Failures, Logging & Monitoring Failures)
  • Testing
    • Automated Testing (Test Cases, Test Setups, Tools)
    • Penetration Testing (Concept, Methods, Tools)
    • Chaos Engineering (Concept, Resilience, Case Study)
  • Deployment & Maintenance
    • Launch (Release Strategies, Hypercare)
    • Longterm Support (Change Management, Feature Requests, Future Proof)
    • Disaster Recovery (Backups, Supply Chain, Business Continuity)
  • Learning progress review / exam