Secure Software Design

At the core of the recent Heartbleed vulnerability was a violation of a basic principle of secure coding - validate untrusted data. According to research by the National Institute of Standards, 92% of all security vulnerabilities are considered application vulnerabilities and not network vulnerabilities. Retailers, financial institutions, government agencies, high-tech companies, and many others are paying the price for poor application security - financial losses and eroding trust.PCI Compliant Developer TrainingThis secure coding training addresses common coding vulnerabilities in software development processes. This training is used by one of the principle participants in the PCI DSS. Having passed multiple PCI audits, this course has been shown to meet the PCI requirements. The specification of those training requirements are detailed in 6.5.1 through 6.5.10 on pages 55 through 59 of the PCI DSS Requirements 3.0 document dated November, 2013. This is not "checklist mentality" training as it integrates demonstrations, code flashes, and hands-on labs for vulnerabilities, defenses, and best practices in secure development lifecycle (SDL).
Familiarity with software design and technologies is required and real world programming experience is highly recommended. Ideally, students should have approximately 6 months to a year of working knowledge of a programming language.
4 Days/Lecture & Lab
This is an intermediate level software design course, designed for architects and stakeholders who wish to get up and running on building well defended software applications. This course may be customized to suit your team's unique objectives.
  • Misconceptions
  • Foundation
  • Vulnerabilities
  • Secure Development Lifecycle (SDL)
  • Security Testing

Related Scheduled Courses