This course will educate all attendees on the principles and practicalities of developing secure software and systems, threat modelling, rating risks in information security and will provide the foundations of best practices. The course is suitable both for penetration testers looking to better understand the systems they are testing from their clients' point of view and for development teams.
Knowledge of development techniques, programming and methodologies such as Agile, Waterfall etc. is advisable but not required. This course is designed to give the candidates a thorough grounding in secure development principles.
Successful candidates will receive a ‘Certificate of Attainment’ and become a ‘Member’ of Cyber Scheme as a Certified Secure Development Team Member.
Continual assessment of understanding by the course instructor will be carried out over the duration of the course.
The objectives for this course are to give attendees a solid and repeatable methodology when designing and working with an SDLC.
Security modelling
Threat modelling
Secure development life cycle
Understanding aspects of the SDLC, including:
Understanding the assurance process:
A working, but basic understanding of software, operating systems and networking is beneficial, but it is not a requirement to have knowledge in all of these areas.