Secure Product Lifecycle 101

Fundamental security concepts, principles, tools and techniques for the development lifecycle
Secure Product Lifecycle 101
File Size :
256.65 MB
Total length :
1h 33m

Category

Instructor

Implementing Security

Language

Last update

12/2020

Ratings

4.4/5

Secure Product Lifecycle 101

What you’ll learn

The basics of software security and the tools and techniques that secure the development lifecycle
The OWASP Top Ten and some high-level mitigations for each of the ten
How software development risks are calculated and the different methods for treating those risks
Explanations of the tools used to add security into product development and things to consider during implementation
Definitions, explanations, and high-level overviews of principles highlighted in OWASP SAMM

Secure Product Lifecycle 101

Requirements

Basic IT awareness

Description

This course is a comprehensive introduction to the foundations of secure development that’s aimed at anyone with an interest in application security and securing the SDLC. Secure Product Lifecycle 101 provides a broad knowledge of security best-practice as it relates to development work – which will lead to an understanding of how to create more secure, reliable, and robust products end-to-end. This course covers the OWASP Top 10, secure design principles, security techniques, risk management, and a range of security tools: leading to familiarity and understanding of how security can be embedded into the development lifecycle.

Overview

Section 1: Foundations of security

Lecture 1 Welcome to the SPLC 101 course

Lecture 2 What’s the Secure Product Lifecycle?

Lecture 3 Course outcome and goals

Lecture 4 Section 1 Introduction

Lecture 5 Information security

Lecture 6 Security culture and shift-left

Lecture 7 Risk, threats, and vulnerabilities

Lecture 8 Managing and treating risk

Lecture 9 Data governance and data privacy

Lecture 10 Section 1 summary

Section 2: Principles of protection

Lecture 11 Section 2 introduction

Lecture 12 Least privilege

Lecture 13 Defense in depth

Lecture 14 Fail secure / fail safe

Lecture 15 Complete mediation

Lecture 16 Session management

Lecture 17 Open design

Lecture 18 Psychological acceptability

Lecture 19 OWASP Top 10 – Part 1

Lecture 20 OWASP Top 10 – Part 2

Lecture 21 OWASP Top 10 – Part 3

Lecture 22 Section 2 summary

Section 3: Tools and techniques

Lecture 23 Section 3 introduction

Lecture 24 Product risk profiles

Lecture 25 Security requirements

Lecture 26 Threat modeling

Lecture 27 Architecture assessment

Lecture 28 Encryption in transit and at rest

Lecture 29 Security logging and monitoring

Lecture 30 Penetration testing

Lecture 31 Source code management (SCM)

Lecture 32 CI/CD tools

Lecture 33 Secret scanning tools

Lecture 34 Software composition analysis (SCA)

Lecture 35 Static application security testing (SAST)

Lecture 36 Dynamic application security testing (DAST)

Lecture 37 Interactive application security testing (IAST)

Lecture 38 Section 3 and course summary

Section 4: Test

Individuals who want to understand the Secure Product Lifecycle, and software security, and who want to be able to verify their awareness of core security fundamentals,N.B. This is a fundamentals course designed to cover the basics of software development security. This course provides the fundamentals to empower further in-depth learning on security in the development lifecycle

Course Information:

Udemy | English | 1h 33m | 256.65 MB
Created by: Implementing Security

You Can See More Courses in the IT & Software >> Greetings from CourseDown.com

New Courses

Scroll to Top