Training Course: Security Development

IT235426 27 Apr - 1 May 2025 Cost : 2275 € Euro
Register Inquiry Choose Date

Introduction:

In today's digital era, ensuring the security of software and systems is crucial for protecting sensitive data and maintaining trust. Security Development is the practice of integrating security measures into every phase of the software development lifecycle, from initial design to deployment and maintenance. This program aims to provide participants with the knowledge and skills needed to build secure software, identify and mitigate vulnerabilities, and implement robust security protocols.

Target Audience:

  • Software Developers

  • IT Security Professionals

  • DevOps Engineers

  • Project Managers

  • System Administrators

  • IT Auditors

  • Anyone interested in learning about secure software development practices

Objectives:

  1. Understand the principles and importance of secure software development.

  2. Learn to identify and prevent common security vulnerabilities.

  3. Gain practical experience with security tools and techniques.

  4. Develop skills for performing security testing and code reviews.

  5. Implement security best practices throughout the software development lifecycle.

Outlines:

Day 1:

Introduction to Security  Development

  • Overview of security in the software development lifecycle (SDLC)

  • The importance of integrating security from the start

  • Key security principles and concepts

  • Understanding threats and attack vectors

  • Case studies of notable security breaches and their impact

Day 2:

Identifying and Mitigating Security Vulnerabilities

  • Common software vulnerabilities (e.g., OWASP Top Ten)

  • Methods for identifying vulnerabilities in systems and processes

  • Best practices for vulnerability management

  • Introduction to threat intelligence and its use in vulnerability identification

  • Real-world examples of vulnerability mitigation

Day 3:

Security Assessments and Reviews

  • Overview of security assessment methodologies

  • Conducting risk assessments and threat modeling

  • Security auditing and compliance checks

  • Tools and techniques for non-coding security assessments

  • Case studies of effective security reviews

Day 4:

Implementing Security in  DevOps

  • Introduction to DevSecOps and its importance

  • Integrating security into Continuous Integration/Continuous Deployment (CI/CD) pipelines without coding

  • Automated security testing tools and their role in DevOps

  • Secure configuration management and infrastructure as code (IaC)

  • Monitoring and logging for security purposes

Day 5:

Advanced Security Topics and Best Practices

  • Basics of cryptography and its application in software security

  • Secure software design principles and patterns

  • Incident response and recovery planning

  • Building a security-aware organizational culture through training and awareness programs

  • Developing and implementing security policies and procedures

 22 Portman Square, Marylebone, London W1H 7BG, UK
 3 Oudai street, Aldouki, Giza, Giza Governorate, Egypt
 0020233379764
 00201095004484
 00201102960555
 00201102960666
 19 Mayıs Mahallesi, 19 Mayis Street No 2 Sisli, 34360 Istanbul/Turkey
 00905357839460
 Australia Street, Raouche Beirut, Lebanon .، Beirut, Lebanon
 0096181746278
 811 Massachusetts Avenue, Boston, Massachusetts, 02118, USA
 6 Beirut Street - Fifth Circle Abdoun, P.O. Box 831370, 11183 Amman, Jordan
Copyright Global Horizon Training Center © 2019