Format: Asynchronous
Nominal duration: Self-paced Learning – Approximate Time: 200 minutes
Professional Development Hours (PDH) : 3.4
Continuing Education Credits (CEU) : 0.34
Course Description:
Whenever a software system is developed and deployed, there is always an entity that will attempt to corrupt or misuse that software. Software security is thus a critical thread that must run through the entire software development life-cycle. The development of secure software is the ultimate goal.
Software security involves a layered approach designed to deal with myriad threats and attack vectors based on an overall security policy that takes into account a variety of threat scenarios, the ROI of software security, the security supply chain, software assurance risk management and system evolution in an environment of never-ending threats. This course examines software security from the perspective of managing secure software development.
Nature of software
Software development life-cycle
Software as a system
Basics of security
Module 2 – Security in Detail
Layered approach to security
Threats and attack vectors
Security policy and its importance
Security from an ROI perspective
Security supply chain
Module 3 – Software Security Risk Management
Risk management overview
Incident response
In-house versus COTS
Testing for security
System evolution
Module 4 – Assurance Management
Ownership issues
Assurance management