The training you need for everyone who contributes to your secure software development lifecycle.
Improving software security means applying a number of best practices throughout the software development lifecycle. Such best practices (or touchpoints) allow software professionals to build applications that behave appropriately even when attacked. Integrating these best practices into a secure SDLC requires knowing and understanding non-functional security requirements, common attacks, secure design, and defensive programming, and also subjecting all software artifacts to thorough, objective risk analyses and security testing.
Most companies have barely begun to apply real solutions, often because the problem simply seems too large to manage. Applying the security touchpoints reinforced throughout our software security training courses is a solid start toward producing secure software.
Our training covers topics such as software security fundamentals, security requirements, architectural risk analysis, defensive programming, secure code review, static analysis tools, risk-based testing strategy, and SOA, Web Services, and XML security. Software security training is available for on-site delivery and some courses are offered as eLearning modules for computer-based training (CBT). We can also combine courses to create multi-day curricula. See the complete listing of the Cigital Security Training Series.
Cigital can customize a course to meet your specific needs; call us at 800-824-0022 or e-mail us to discuss a tailored solution. To see the greatest improvement toward a secure SDLC, software security training is needed for each of the following roles within software development and quality assurance organizations:
