With Certification
Free
Xprenia

Xprenia

Established in 2020, Xprenia is a self-managed e-learning platform that presents first-hand stories and knowledge from industry experts, always keeping you up-to-date with insights across the world.

Price: SGD 2,500

If you are interested, please email media@xprenia.com for the enrolment dates.

 


Overview
The stakes for software security are very high. Yet, many development teams deal with software security only after the code has been developed and the software is prepared for delivery. As with any aspect of software quality, security and privacy issues should be managed throughout the entire software development lifecycle to ensure successful implementation.


This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security and how to identify and remediate them in your projects. In addition, you will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. 


Course Objective 

In this course, you will employ the best practices in software development to develop secure software.


You will:

• Identify the need for security in your software projects

• Use a Security by Design approach to design a secure architecture for your software

• Implement common protections to protect users and data

• Apply various testing methods to find and correct security defects in your software

• Maintain deployed software to ensure ongoing security


This course includes hands-on activities for each topic area. The goal of these activities is to demonstrate concepts utilizing two universal languages Python and JavaScript. Developers who use alternate languages will apply the principles from the activities to any coding language.


Hands-on exercises are designed to keep the typing of code to a bare minimum. CertNexus provides students with all of the code they need to complete activities. The activities do not require a “deep dive” into code to understand the principles being covered.



Who should attend?

This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy.


This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification.

 


Modules

(1) Identifying the Need for Security in Your Software Project

(2) Handling Vulnerabilities

(3) Designing for Security

(4) Developing Secure Code

(5) Implementing Common Protections

(6) Testing Software Security

(7) Maintaining Security in Deployed Software

(8) Examination (CSC-210)



Course Prerequisites

Hardware

For this course, you will need one computer for each student and one for the instructor.


Each computer will need the following minimum hardware configurations:

• GHz or faster 32-bit (x86) or 64-bit (x64) processor

• 2 gigabytes (GB) RAM (32-bit or 64-bit)

• 20 GB available hard disk space (32-bit or 64-bit)

• Keyboard and mouse (or other pointing devices)
• 1,024 x 768 resolution monitor recommended
• Projection system to display the instructor’s computer screen

• Local area network and Internet connection


Software

• Windows® 10/8.1/8/7/Vista (64-bit). This course was successfully keyed to Windows 10. Some activity steps may not be key exactly as written if students key on a different version of Windows.

• Python version 3.8.1 (python-3.8.1.amd64.msi, provided with the course data files)

• PyCharm Community Edition version 2019.3.3 (pycharm-community-2019.3.3.exe, provided with the course data files). Python is distributed under the Python Software Foundation License (PSFL). PyCharm Community Edition is distributed under the Apache® License 2.0

• If necessary, software for viewing the course slides. (Instructor machine only)



Course Content

Lesson 1: Identifying the Need for Security in Your Software Projects

• Topic A: Identify Security Requirements and Expectations 
• Topic B: Identify Factors That Undermine Software Security

• Topic C: Find Vulnerabilities in Your Software

Topic D: Gather Intelligence on Vulnerabilities and Exploits


Lesson 2: Handling Vulnerabilities

• Topic A: Handle Vulnerabilities Due to Software Defects and Misconfiguration
• Topic B: Handle Vulnerabilities Due to Human Factors

• Topic C: Handle Vulnerabilities Due to Process Shortcomings


Lesson 3: Designing for Security

• Topic A: Apply General Principles for Secure Design 
• Topic B: Design Software to Counter Specific Threats


Lesson 4: Developing Secure Code

• Topic A: Follow Best Practices for Secure Coding

• Topic B: Prevent Platform Vulnerabilities

• Topic C: Prevent Privacy Vulnerabilities

• Topic D: Protect Sensitive Data and Functions

• Topic E: Protect Database Access


Lesson 5: Implementing Common Protections

• Topic A: Limit Access Using Login and User Roles 
• Topic B: Protect Data in Transit and At Rest

• Topic C: Implement Error Handling and Logging

• Topic D: Protect Sensitive Data and Function

• Topic E: Protect Database Access


Lesson 6: Testing Software Security

• Topic A: Perform Security Testing

• Topic B: Analyse Code to find Security Problem

• Topic C: Use Automated Testing Tools to Find Security Problem


Lesson 7: Maintaining Security in Deployed Software

• Topic A: Monitor and Log Applications to Support Security

• Topic B: Maintain Security after Deployment 

• Appendix A: Mapping Course Content to Cyber Secure Coder (Exam CSC - 210)



Trainer

Selvakumaer Arunasalam

Selva is a hands-on coach with more than 17 years of experience in developing and delivering software. He has been conducting skill-based training in programming and web development for corporates, government ministries.  As the chief trainer for Android classes, he has equipped many students with the skills to undertake Android application development and prepare them with the TechSkills that will enhance their employability.



Reimbursement Policy 

Eligible trainees can receive the CITREP+ course fee support of up to 70% or up to 90% for this CITREP+ Course. For full information on CITREP+ eligibility, please visit go.gov.sg/tesacitrep



For more information about the course

Please contact media@xprenia.com.

Title Date/Time Duration Status
Please login to leave comment.