Secure Software Development Life Cycle

Hands-On | 32 Hours, 5 Days | SWADLP Exam Attempt | Online LAB Access

Email Support | Aligned with Industry Security Standards and Best Practices

Secure SDLC is a structured approach to integrating security at every phase of the Software Development Lifecycle. Building security into a product from the start not only helps in meeting security standards but can also help optimize product development and security control implementation costs.

Hack2Secure’s Secure Software Development Life Cycle (Secure SDLC or SSDLC) Workshop provides hands-on exposure and relevant case studies to assist in integrating security at every phase of the Web Application Development Lifecycle. It covers different Application Security standards and best practices taken from NIST, OWASP, CERT, PCI-DSS, etc.

Secure SDLC Phases

Relative Cost of Handling Security across SDLC

Get aligned with Industry Security Standards & Best Practices

  • NIST SP 800-64, ISO 27034
  • PCI DSS, NIST & FIPS Recommended Security Practices
  • BSIMM7 & OpenSAMM Frameworks
  • OWASP Web Application Security Testing Guide
  • OWASP Secure Coding Practices, Review Guide
  • CERT Secure Coding Practices ... & many more

What You will Learn

  • Security Requirements across SDL Phases, related Compliances and Frameworks
  • Software Security Standards and Assurance Methodologies
  • Basic Security Concepts and Secure Design Principles
  • OWASP Top10 (2017) Web Security Risk
  • Gathering Security Requirements, Establishing Baseline and Quality Gates
  • Threat Modeling process & use Cases
  • Secure Coding practices and Review Guidelines
  • Application Security Testing Methods, Tools & Techniques
  • Building Final Security Review Plan
  • Software Supply Chain Risk Management
  • Incident Handling Process
  • Security Patch Management
  • Handling 3rd Party Library Upgrades

WORKSHOP AGENDA

** For more detailed Agenda & LAB Scope, look into Secure SDLC Workshop Reference Guide **

Secure SDLC Phase#1: Security Awareness

  • About Secure SDLC Process, Requirements & Methodologies
  • Core & Design Security Concepts
  • Different Software Security Standards, Regulations and Compliances
  • Security Assurance Methodologies
  • OWASP Top10 Web Application Security Risk
  • Secure SDLC Standards & Frameworks

Secure SDLC Phase#2: Building Security Requirements

  • Gathering Security Requirements
  • Building Checklist and Defining Security Quality Gates
  • Setting Product Security Baseline

Secure SDLC Phase#3: Ensuring Secure Design

  • Secure Design Methodologies
  • Attack Surface Analysis
  • Threat Modeling [based on STRIDE]

Secure SDLC Phase#4: Secure Implementation (Coding)

  • CWE Top25 Programming Errors
  • Secure Coding Best Practices
  • Security Code Review process and Best Practices

Secure SDLC Phase#5: Application Security Testing / Verification

  • Application Security Testing Techniques & Methodologies
  • Web Application Security Testing (WAST) for OWASP Top10 Web Security Risk
  • Handling Security Defects

Secure SDLC Phase#6: Security Review & Response

  • Final Security Review Plan
  • Security Review Processes: Auditing, Vulnerability Assessment & Penetration Testing
  • Incident Handling Process
  • Threats to Supply Chain Software
  • Software Deployment and Procurement Risk

Secure SDLC Phase#7: Security in Maintenance Cycle

  • Security Patch Management
  • Handling 3rd Party Library upgrades
  • Application Disposal Policy

Who should Attend this Workshop?

  • Management Team
    • Software Development Managers
    • Leads
    • Project Assurance Team
    • CxO, Directors, VPs
  • Research & Development Team
    • Software/Application Architects
    • Developers
    • Software Testing Team (QA)
    • Software Analyst, Consultants
    • Research Engineers
  • Product Security Team/Office
    • CISO, Assurance and Compliance Officer
    • Security Managers
    • Security Consultants
    • Auditors
    • Security Engineers, Testers and Analyst
    • Application Penetration Testers
  • Students
    • Looking to pursue a career in Secure Software Development and Management
  • Anyone
    • Who is interested in exploring Secure SDLC process and practices

What you will Receive?

  • Instructor Led Classroom Sessions
  • Soft Deliverables
    • Program Slides & Lab Guides
    • Reference Documents
  • Online Lab Access [30 Days]
    • Vulnerable Web Server & Client (Attacker) machine to explore
  • SWADLP Exam Voucher
    • 1 Attempt, 6 months Validity
    • Globally Proctored and Delivered by Pearson VUE
  • Post-Session Email based Support
  • Training Completion Certificate
  • Exclusive Discount on All Hack2Secure Online Programs

  ...& much more

What NOT to Expect?

  • Deep dives into basic Information Security concepts beyond the scoped curriculum
  • Deep dives into any Programming Language or Technology
  • Any distribution of License or Key of Commercial Security Tools
  • Job Opportunity (But, it will be easy to find with this curriculum and skill-set)

Requirements/Pre-requisites

  • Awareness of Software/Application Development Methodologies
  • Knowledge of Web Technologies
  • Basic understanding of protocol functionality, especially HTTP

Laptop Required

Hack2Secure will provide access to its Cloud-based Lab Environment, including access to a Vulnerable Web Server and the required Security Tools. To access it, students need a laptop with a sufficient configuration and adequate Internet speed.

  • Students need to bring their Laptop to access Lab environment

Min. Laptop Configuration

  • Operating System: Windows 7, 8, 8.1, 10
  • RAM: Min. 4 GB (Recommended)
  • Networking: LAN Port

Secure SDLC Workshop: Key Take Aways

SSDLC WORKSHOP

  • Basic Security Concepts & OWASP Top10
  • Different Security Controls across SDL phases
  • Secure Software Development & Assurance Methodologies
  • Security Requirements & Establishing Baseline
  • Software Security Risk Management
  • Secure Design Principles & Threat Modeling
  • Secure Coding Practices & Review Guidelines
  • Web Application Security Testing Tools & Techniques
  • Final Security Review Plan

Secure Software Application Development Schedule

  • Batch#: SEC_SDLC_BLR_OCT
  • Duration: 5 Days
  • When: Oct 09-13
  • Where: H2S, Bangalore
  • LAB & SWADLP Exam Attempt: Included
  • Registration & Cost: Email us: training@hack2secure.com
