Application Security - The Complete Guide
Developing security in the Software Development Life Cycle (SDLC)
Description
Every company uses software to function. Whether they are a Fortune 500 technology company or a sole proprietor landscaping company, software is integral to businesses large and small. Software provides a means to track employees, customers, inventory, and scheduling. Data moves from a myriad of systems, networks, and software providing insights to businesses looking to stay competitive. Some of that software used is built within the organization or it is purchased and integrated. What this means is that every organization, regardless of size and industry, has a software need. It enables organizations to move quickly and stay ahead of their competition.
Because of this, we need more help in developing secure software. That’s where this course can help!
This course will familiarize you with the common vulnerabilities that plague developed code as outlined in publications like the OWASP Top 10 and SANS Top 25. You will understand what type of development behaviors lead to vulnerabilities and how to avoid those behaviors when creating secure code. You will learn how to perform a threat model on development features to understand what threats could impact your code, where they come from and how to mitigate them. You will also review and operate analysis tools that are available to developers in order to analyze their code and discover vulnerabilities, allowing you to correct them early in the development life cycle. Finally you will understand how application security fits in an overall cyber security program.
What You Will Learn!
- Learn how to become an application security champion.
- What is the OWASP Top 10 and how to defend against those vulnerabilities.
- Use of threat modeling to identify threats and mitigation in development features.
- How to perform a threat model on an application.
- How to perform a vulnerability scan of an application.
- Rating security vulnerabilities using standard and open processes.
- How to correct common security vulnerabilities in code.
- How application security fits in an overall cyber security program
- Building security in to the software development life cycle.
Who Should Attend!
- Software developers interested in developing more secure software.
- Security practitioners
- Software and security engineering leaders
- Cyber security professionals