Secure Software Development Concepts – Series Course 1 of 8

Course Overview

In this course series we cover what secure software design means and why software can meet all quality requirements and still be insecure.

Please note that this course is providing introductory concepts for beginners and is NOT a programming course or has any hands on.

This course specifically, Secure Software Concepts is meant to provide learners a foundational start in software design that is focused around security.  The course covers foundational concepts such as the CIA Triad, AAA, Encryption, Separation of Duties, Fail Safe and much more.

The course continues on to cover Open Design concepts, Least Common Mechanism to name a few lessons.

The course provides some review questions and also whiteboard discussions to provide insight into some important topics.

Lastly,  the course series covers about 65% or more of the exam objectives for the CSSLP exam when completing all eight courses!

There are many benefits of designing security early which we cover in this course.

This is a series of courses for learning about “Secure Software Development Fundamentals”

• Course 1 – Secure Software Concepts
• Course 2 – Secure Software Requirements
• Course 3 – Secure Software Design
• Course 4 – Defining Security Architectures
• Course 5 – Secure Software Testing
• Course 6 – Secure Software Acceptance
• Course 7 – Software Deployment, Operations and Maintenance
• Course 8 – Supply Chain and Software Acquisition

Who should take this course (Target Audience)?

• You are a developer or software engineer and want to understand
• You want to learn IT security fundamentals focused on software development

What are the Couse Pre Requirements?

There are no course pre-requirement

What You’ll Learn

• What are the critical aspects of secure development
• What is the CIA Triad, AAA and other security fundamentals
• Identify the correct software build requirements needed for a secure software program
• Determine how to specify the proper software architecture to meet your software security requirements
• Understand what the commonly accepted best practices are software acceptance
• Determine the proper software acquisition and supply chain requirements for your software programs
• Get to know the proper software testing procedure for a secure software program.

Requirements

• No Requirements

Course Contents

Course Overview, Instructor Intro, Course Prereqs

Module 1 – Core Concepts CIA Triad AAA Encryption

Module 2 – Core Design Fundamentals Least Priviliages Separation of Duties Defense in Depth Whiteboard – Defense in Depth Fail Safe Economy of Mechanism Complete Mediation Open Design Least Common Mechanism Psychological Acceptability Leverage Existing Components Single Point of Failure (SPOF) Whiteboard – SPOF Course Review Course Review Questions

Course Closeout