certification secure software design architect

Secure Software Design Architect (SSDA)

Building Secure Software Architecture

Available in 2017 Q2

SSDA Exam Scope

Module#1: Introduction

  • Security Definitions
  • Risk Management: Overview
  • Walkthrough Core Security Concepts
    • C.I.A.
    • TriadA.A.A.

Module#2: Why we need to Secure the Design

  • Advantages
  • Introduction: Secure Design Principles
  • Mapping with Secure SDLC Frameworks
  • Top10 Software Security Design Flaws

Module#3: Current and Emerging Threats & Attack Patterns 

  • Common Threats in Different Software Environments
    • The Human Factor
    • Network
    • Storage
    • Data Storage
    • Operating System
    • Programming Language
    • Web Application
    • Mobile Application
    • Cloud
    • IoT
  • Introducing CAPEC  

  Module#4: Introducing Threat Modeling

  • About
  • Process
    • Identify Asset
    • Define Scope
    • Decompose Architecture
    • Discover Threats 
    • Analyze Impact
    • Optimize Design
    • Document Model
  • Approaches
    • Asset or Security centric
    • Data Flow or Software Centric
    • Attacker or Risk Centric
  • Common Vulnerability Scoring System (CVSS)

Module#5: STRIDE Approach for Threat Modeling

  • STRIDE Introducting
  • About, Benefits
  • Deep-dive to Process & Design Optimization
    • Attack Surface Analysis
    • Data Flow
    • Evaluate Flow for STRIDE
    • Threat Analysis
    • Design Optimization Documentation

Module#6: Simulation and Analysis with PASTA 

  • Introducting PASTA
  • About, Benefits, Approach
  • Deep-dive analysis in 7 Stages
    • Define Objectives (DO)
    • Define Technical Scope (DTS)
    • Application Decomposition (AD)
    • Threat Analysis (TA)
    • Weakness & Vulnerability Analysis (WVA)
    • Attack Modeling & Simulation (AMS)
    • Residual Risk Analysis & Management (RAM)
  • Documentation

Module#7:Threat Modeling Across SDLC Models

  • Implementation across SDLC
  • Using Threat Modeling across
    • Waterfall model
    • Interactive model
    • Agile model
  • Overcoming Adoption concenrs

    Book an Exam  Contact Us  Enquire Now !