Secure application development

Course Summary

Cyber threats are increasing at a rapid pace, and businesses that don’t build in security from the start risk becoming the next target. A single vulnerability in your code can cost millions in lost data, damaged brand and lost trust. When application layer vulnerabilities are the main target of attacks, it is critical to integrate security into the very foundation of the development process.

This course provides a thorough and comprehensive understanding of secure application development, combining theory with practical applications to equip developers, testers and IT leaders with the right tools. Designed to harmonize with modern development practices such as CI/CD, DevOps and DevSecOps, the course ensures that security becomes a natural part of the development flow – not an afterthought.

A packed day of briefings, exercises and group discussions. During the day, the course leader Viktor Laszlo shows various practical examples of how you can best define your security requirements, continuously work with secure application development, automate as much as possible, build your own secure development process and, above all, how to effectively test and verify security.

Course Objective

After the course, you will have good insight into how to integrate security effectively into development work, and the ability to do so. You will have gained increased knowledge of the threats that today’s IT systems are exposed to and of how best to mitigate these threats, from requirements to testing.

Target Audience

This course is aimed at professionals in software development, QA, testing, and project management who are looking to strengthen their knowledge in secure development. The course is also valuable for roles such as architects, test managers, product owners, and leaders in agile methodologies, all of whom can benefit from in-depth knowledge of secure development practices.

Prerequisites

To get the most out of the course, participants should have a basic understanding of threats to IT systems and experience in IT system development.

Certification

This course has no certification.

Trainer

Informator has several trainers for this course.

Course Details

Course content:

  • Clean Code and Secure Coding: Principles of how to write code with security as a priority.
  • Threat modeling with STRIDE: Identify and analyze potential security threats.
  • Reducing the attack surface: Strategies to limit potential vulnerabilities.
  • Security Analysis Tools: Includes both Static (SAST) and Dynamic (DAST) Application Security Testing.
  • Standards for Security Verification: Application of ASVS 4.0.3 to ensure the highest security standards.
  • Managing Third-Party Dependencies: Methods to secure external libraries and tools.
  • Fuzz Testing and OWASP Top 10: Tools and methods to identify and fix common security issues.
  • Secure Development Lifecycle (SDL) and DevSecOps: Integrate security thinking into all stages of the development process.

Course Overview

1 day

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to find a suitable opportunity.

Customized Courses

The course can be adapted from several perspectives:

  • Content and focus area
  • Extent and scope
  • Delivery approach

In interaction with the course leader, we ensure that the course meets your needs.

Send an expression of interest for the training