Many software development projects fail to meet business requirements and lack effective security and compliance controls. This is frequently blamed on a problem gathering requirements. The lack of expertise in requirements gathering often leads to inadequate design and poor development of software applications. In this course, CSSLP®: Secure Software Requirements, you'll help you prepare to develop, implement, and operate secure software programs and assist you in preparing for the CSSLP examination. First, you'll explore the core concepts of secure software. Next, you'll discover the process of security design. Finally, you'll get a better understanding of risk and the control environment as it applies to software. By the end of this course, you'll have a solid understanding of the core secure software concepts and be prepared to progress into the next domain of secure software requirements.
Kevin Henry is a passionate mentor and educator in the fields of information security and audit. Mixing experience with knowledge, Kevin delivers effective training programs for companies and individuals worldwide. A frequent speaker at prestigious conferences, Kevin is known for a clear understandable manner of imparting practical information and explaining difficult topics.
Course Overview As security consultant and computer analyst programmer and a holder of the CSSLP, Certified Secure Software Lifecycle Professional certification. Welcome to my course on secure software requirements, the second domain of the CSSLP certification. I look forward to sharing with you knowledge and experiences that can help you understand the techniques and objectives used to design secure programs. This course will help you prepare to develop, implement, and operate secure software programs and assist you in preparing for the CSSLP examination. We know that the failure of many IT projects has been attributed to the failure to gather the requirements correctly. This course will help you learn the skills of requirements gathering. We'll address areas such as the skill of identifying secure software and business requirements, the means to identify sensitive and critical systems and data, and we'll look at threat modeling and misuse case analysis. By the end of this course you'll be prepared to progress into the next domain of the CSSLP, Secure Software Design. I hope you'll join me on this journey to learn about the value, benefits, and features of the secure software lifecycle and the role you can play in this exciting and rewarding field through this course at Pluralsight.