With the increase in cyber-attacks on business, it's time to start building security into new systems developments right from the start. The majority of successful cyber-attacks depend on exploiting a few well-known common vulnerabilities. This course will show how to design security in, and maintain that security throughout a systems life-cycle from initial requirements through to de-commissioning and disposal of assets.
Secure by Design
Online Learning | Includes tutor support | 2 hours of online content | 1 year access
- A general understanding of current systems development practices, methodologies and languages, and a broad understanding of current threats and system vulnerabilities.
- The intended audience is system architects, designers, analysts, developers, software testers, security practitioners, project managers and anyone with an interest in building and maintaining secure, robust systems.
- This course is not designed for the experienced software developer and does not cover hands-on coding.
- Understand the main SDLC Models, and their principal differences
- Be able to choose which SDLC model is most appropriate in a given situation.
- Learn how to apply secure development techniques from the initial design stage and throughout a development lifecycle
- Understand the latest (2013) OWASP vulnerabilities and how to counter/mitigate them
- Learn about useful system design tools
- Understand and learn how to apply secure design and coding techniques
- Discover resources to help introduce and use secure design and development techniques
- Understand the benefits of code review
- Understand various testing strategies
- Learn about encryption, securing and compromising passwords and meta data
- An introduction to the classification of security flaws
Module 1 - Secure Development Lifecycle (SDLC)
- An overview of the main SDLC models
- Development models
- Configuration and source code management
- Risk analysis and mitigation
Module 2 - Secure By Design
- Security design architectures
- Security models and frameworks
- Systems design tools and methodologies
Module 3 - Application Security
- Vulnerabilities and mitigations available to any development environment
- Attack vectors and security controls
- The OWASP Top 10 in detail
- Vulnerability No. 1 - Injection
- Vulnerability No. 2 - Broken Authentication and Session management
- Vulnerability No. 3 - Cross Site Scripting (XSS)
- Vulnerability No. 4 - Insecure Direct Object References
- Vulnerability No. 5 - Security Misconfiguration
- Vulnerability No. 6 - Sensitive Data Exposure
- Vulnerability No. 7 - Missing Functional-level access control
- Vulnerability No. 8 - Cross-site request forgery
- Vulnerability No. 9 - Using Known Vulnerable Components
- Vulnerability No. 10 - Unvalidated Redirects and Forwards
Module 4 - Defensive Coding
- Secure coding techniques and principles.
- Methods of testing code, and code test analysis
- Using, compromising and defending encryption, hashes and passwords
- Classification of security flaws
Online content and modular video that can be streamed directly to your computer or mobile device so you can learn wherever you are.
Total price: £99
Secure by Design Online Learning
Fully accredited to ensure we provide the highest possible standards in learning