CSSLP®: Secure Software Requirements
Understanding how to gather requirement to ensure that systems and applications meet both business and security needs. Areas of focus include data classification, privacy and threat modeling.
What you'll learn
Many software development projects fail to meet business requirements and lack effective security and compliance controls. This is frequently blamed on a problem gathering requirements. The lack of expertise in requirements gathering often leads to inadequate design and poor development of software applications. In this course, CSSLP®: Secure Software Requirements, you'll help you prepare to develop, implement, and operate secure software programs and assist you in preparing for the CSSLP examination. First, you'll explore the core concepts of secure software. Next, you'll discover the process of security design. Finally, you'll get a better understanding of risk and the control environment as it applies to software. By the end of this course, you'll have a solid understanding of the core secure software concepts and be prepared to progress into the next domain of secure software requirements.
Table of contents
- Include Security in Software Requirements Specification 6m
- Standards and Best Practices 12m
- OpenSAMM 7m
- OWASP 7m
- Building Security in Maturity Model 8m
- SAFECode 5m
- NIST and ISO 6m
- PCI-DSS and PA-DSS 14m
- Develop Use and Misuse Cases 13m
- Threat Modeling 15m
- Project Risk 10m
- Develop Security Requirements Traceability Matrix 3m
About the author
Kevin Henry is a well-known and respected educator and lecturer in the fields of information security and audit. Kevin uses his more than 30 years of practical experience as a network technician, computer programmer, and information systems auditor to deliver outstanding presentations that make each topic interesting, relevant, and useful. Often described by students as "The best instructor I have ever had," Kevin has the ability to provide quality instruction that engages the audience and provi... more
