Secure Software Development and Testing
About this course
Course objectives
Upon successful completion of this course, the participants will be able to:
explain the terminologies and concepts of information security pillars,
perform essential risk management,
apply the secure development life cycle in traditional and agile software development processes,
explain the DevSecOps and software supply chain security concepts,
elicit and develop security requirements,
explain code security and reliability with metrics and measures,
apply secure coding principles and practices for high-level programming languages,
apply Web and mobile application security concepts from the OWASP Top 10 list,
address the security of APIs and microservices,
apply design-time security concepts using attack surface analysis and threat modelling, and
conduct white-box (SAST) and black-box (DAST) security testing using software tools.
Course description
This course aims to provide the participants with knowledge and skills in developing secure software through the application of well-established methods, processes, technologies and tools.
This four-day course takes a practice-oriented approach and is conducted with lectures and hands-on workshops. To reinforce the learners’ knowledge and skills, short quizzes and assignments will be conducted at the end of each day. A final assessment (approximately 1.5 hours) is conducted on the last day of the course to provide a holistic review of the course for the learners.
Target audiences
Software developers/engineers, software architects, IT project managers and other IT professionals with a degree or diploma in IT or related disciplines and with software development and/or testing experience.