One of the weakest links in cyber-security are the attack vectors that sometimes get created with applications. In this course, you'll learn how to evaluate and integrate security and software development to protect your environment.
Most companies have a well-oiled machine with the sole purpose to create, release, and maintain functional software. Still, the growing concerns and risks related with insecure software have brought increased attention to the need to mix security into the development process. In this course, Secure Software Development, you will gain an understanding of the Software Development Life Cycle (SDLC) and the security implications that can arise to ensure that the software your organization uses is well written and secure through its lifespan. First, you will learn about the different options when it comes to following a SDLC. Next, you will delve into the 5 phases that software runs through as it is being developed. Last, you will dive into how vulnerabilities creep into your environment in ways you may have not considered. By the end of this course, you will be able to apply a proper SDLC and ensure that additional attack vectors aren't created by mistake (or on purpose) to expose your resources and networks.
Dale Meredith received his Certified Ethical Hacker and Certified EC-Counsel Instructor certifications back in 2006, as well as being a Microsoft Certified Trainer since 1998 (yes we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.
Course Overview Hey everyone, my name is Dale Meredith, and I'd like to welcome you to my course, Secure Software Development. Now I've been a Microsoft trainer since 1998, as well as a cyber security trainer and consultant, and I've worked with several corporate 500 companies, as well as the Department of Homeland Security on several projects. I'd tell you about them, but then I'd have to kill you. I've got to ask you, have you ever said to yourself, you know, how are attackers getting into our networks, even though we've spent all this money on, you know, new appliances and new devices? Well, to be honest with you, from an attacker's perspective, it is so much easier for an attacker to scan for vulnerabilities with the software that you're using or that you've created. The reason this happens is because either security professionals or developers themselves forget to look at security during the software development lifecycle, or the SDLC is what we call it. And this is where this course actually comes into play. I've created this course to help you make sure that you've dotted your i's, crossed your t's when it comes to creating software and applications without ignoring the security risks that, guess what, you might actually be creating. This course is also a part of a series of courses that cover the certifications for GCIH, ECIH, and CSA+. See, I can help you kill three birds with one stone there. Oh no, all the bird lovers are going to hate me. Now, some of the major topics that we'll cover in this course is I'm going to make sure that you have a grasp of a couple of different options when it comes to following any type of SDLC. There are several models that we'll look at. Also, make sure that you get a great understanding of the five phases that software runs through as it's being developed. We'll also focus on exactly how vulnerabilities creep into our environment, in ways that you may not have considered. Trust me, by the end of this course, you'll be able to look at your applications in a different mindset. You'll be able to share different methods with those that you work with, and you'll look at some of the best practices when it comes to including security as the major focus during the development of any and all applications. Now before beginning this course, I want you to make sure that you have a familiarity with basic network typologies, as well as some programming concepts, kind of from a 10, 000 feet view. You'll also want to have watched some of the other courses within this path. I hope that you'll join me in this adventure in learning with Secure Software Development, here at Pluralsight.