Secure Software Development

This comprehensive course on Secure Software Development is designed to help IT professionals integrate security at every stage of the Software Development Life Cycle (SDLC), following the CISSP curriculum. The course starts with an introduction to security considerations in software development and how to choose the appropriate development methodology, including process-driven and agile-based approaches. You’ll explore the use of security controls, risk analysis, and methodologies such as the Capability Maturity Model (CMM) and Software Assurance Maturity Model (SAMM) to enhance the security of your development processes. As the course progresses, you’ll dive into secure coding practices, exploring how to minimize programming language risks, use secure development tools, and manage post-deployment software expectations. You’ll learn how to conduct application security testing, manage software configuration, and implement auditing and logging processes to ensure security throughout the software lifecycle. Real-world scenarios will illustrate the critical role of Integrated Product Teams (IPTs) in improving communication, decision-making, and overall software quality. In addition, you’ll examine the security of APIs, cloud services, third-party software, and open-source solutions, learning how to assess and mitigate risks associated with these components. By the end of the course, you’ll have a strong understanding of how to develop, deploy, and maintain secure software, ensuring both compliance and security in modern IT environments. This course is also an excellent preparation for the CISSP certification. This course is designed for software developers, security professionals, and IT managers preparing for the CISSP certification or aiming to integrate security into software development practices. A basic understanding of software development methodologies is recommended.

• Secure Software Development Lifecycle and Methodologies
• This module focuses on the integration of security into the Software Development Life Cycle (SDLC) and selecting appropriate development methodologies. Learners will explore how to choose secure software development methods, including both process-driven and agile-based approaches. This module will also cover frameworks such as Capability Maturity Model (CMM) and SAMM, and the role of Integrated Product Teams (IPT) in improving the quality and security of software products. By mastering these concepts, learners will be able to implement secure practices throughout the development lifecycle.
• Secure Coding, Testing, and Risk Management
• This module emphasizes secure coding practices, software configuration management, and application security testing within the SDLC. Learners will delve into risk analysis, mitigating programming language risks, and evaluating security in various software environments, including third-party, open-source, and cloud-based software. The module also covers API security, auditing, and logging of software changes. By mastering these areas, learners will be able to develop, deploy, and maintain secure software while managing associated risks.