Software Security Awareness

Overview

This awareness course discusses design and implementation of software applications to reduce the risk from hackers and attacks. The concept is to engineer software so that it continues to function correctly under malicious attack. This course introduces defensive coding and tips to avoid creating problems or vulnerabilities. We also examine the most common flaws of software design and implementation, and you will learn about specific practices to avoid those flaws.

This is an introductory course, suitable for managers as well as developers to get them thinking about baking security into software. The next courses in this track would be SANS Web application security and then language specific developer security training or tester-specific courses.

Sampling of Topics

• Who Should Attend
  • Software developers
  • Software testers
  • Managers with software development responsibility
• Prerequisites
  • There are no prerequisites; this is the introductory course to this subject.
• A Sampling of Topics
  • Vulnerability Cycle – Discovery, Exploit and Patching
  • Principles of Security Applicable to All

• Software
  • 9 Steps to Designing Secure Software
  • 18 Software Implementation Flaws
  • Recommended Practices for Safe Data Handling
  • Recommended Techniques and Tools for Testing the Security of Software

Laptop