Secure Software Design

PT0687
Training Summary
At the core of the recent Heartbleed vulnerability was a violation of a basic principle of secure coding - validate untrusted data. According to research by the National Institute of Standards, 92% of all security vulnerabilities are considered application vulnerabilities and not network vulnerabilities. Retailers, financial institutions, government agencies, high-tech companies, and many others are paying the price for poor application security - financial losses and eroding trust.
PCI Compliant Developer Training
This secure coding training addresses common coding vulnerabilities in software development processes. This training is used by one of the principal participants in the PCI DSS. Having passed multiple PCI audits, this course has been shown to meet the PCI requirements. The specification of those training requirements is detailed in 6.5.1 through 6.5.10 on pages 55 through 59 of the PCI DSS Requirements 3.0 document dated November 2013. This is not "checklist mentality" training, as it integrates demonstrations, code flashes, and hands-on labs for vulnerabilities, defenses, and best practices in secure development lifecycle (SDL).
Prerequisites
Familiarity with software design and technologies is required, and real-world programming experience is highly recommended. Ideally, students should have approximately 6 months to a year of working knowledge of a programming language.
Duration
4 Days/Lecture & Lab
Audience
This is an intermediate-level software design course, designed for architects and stakeholders who wish to get up and running on building well-defended software applications. This course may be customized to suit your team's unique objectives.
Course Topics
  • Misconceptions
  • Foundation
  • Vulnerabilities
  • Secure Development Lifecycle (SDL)
  • Security Testing
