About this course

Course type Premium
Course code QACCSC
Duration 3 Days

The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle.

This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development.

What’s included

QA offers more benefits. Here is what's included with this course:

Exam(s) included

Prerequisites

This course presents secure programming concepts that apply to many different types of software development projects. While this course uses Python, HTML, and JavaScript to demonstrate various programming concepts, you do not need to have experience in these languages to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications. Logical Operations provides a variety of courses covering software development that you might use to prepare for this course, such as:

  • Developing Secure Universal Windows® Platform Apps in C# and XAML
  • Developing Secure iOS® Apps for Business
  • Developing Secure Android™ Apps for Business
  • Python® Programming: Introduction
  • Python® Programming: Advanced
  • Programming Google App Engine™ Applications in Python®
  • HTML5: Content Authoring with New and Advanced Features
  • SQL Querying: Fundamentals

Delegates will learn how to

In this course, you will employ best practices in software development to develop secure software.

You will:

  • Identify the need for security in your software projects.
  • Eliminate vulnerabilities within software.
  • Use a Security by Design approach to design a secure architecture for your software.
  • Implement common protections to protect users and data.
  • Apply various testing methods to find and correct security defects in your software.
  • Maintain deployed software to ensure ongoing security.

Outline

Lesson 1: Identifying the Need for Security in Your Software Projects

  • Module A: Identify Security Requirements and Expectations
  • Module B: Identify Factors That Undermine Software Security
  • Module C: Find Vulnerabilities in Your Software
  • Module D: Gather Intelligence on Vulnerabilities and Exploits

Lesson 2: Handling Vulnerabilities

  • Module A: Handle Vulnerabilities Due to Software Defects and Misconfiguration
  • Module B: Handle Vulnerabilities Due to Human Factors
  • Module C: Handle Vulnerabilities Due to Process Shortcomings

Lesson 3: Designing for Security

  • Module A: Apply General Principles for Secure Design
  • Module B: Design Software to Counter Specific Threats

Lesson 4: Developing Secure Code

  • Module A: Follow Best Practices for Secure Coding
  • Module B: Prevent Platform Vulnerabilities
  • Module C: Prevent Privacy Vulnerabilities

Lesson 5: Implementing Common Protections

  • Module A: Limit Access Using Login and User Roles
  • Module B: Protect Data in Transit and At Rest
  • Module C: Implement Error Handling and Logging
  • Module D: Protect Sensitive Data and Functions
  • Module E: Protect Database Access

Lesson 6: Testing Software Security

  • Module A: Perform Security Testing
  • Module B: Analyze Code to find Security Problems
  • Module C: Use Automated Testing Tools to Find Security Problems

Lesson 7: Maintaining Security in Deployed Software

  • Module A: Monitor and Log Applications to Support Security
  • Module B: Maintain Security after Deployment


Appendix A: Mapping Course Content to Cyber Secure Coder (Exam CSC-110)

Premium Course

3 Days

Duration

This course is authored by QA

Delivery Method

Delivery method

Classroom / Attend from Anywhere

Receive classroom training at one of our nationwide training centres, or attend remotely via web access from anywhere.

Find dates and prices

Online booking is currently not available for this course, to find out more please call us on 0345 074 7998 or email us at info@qa.com to discuss how we can help.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.