Hack2Secure presents a workshop on Secure SDLC with the aim of providing an assistance on how to integrate security at each and every phase ofthe web application development. The workshop guarantees the introduction on various web application security standards as well as best practice from OWASP,CERT, NIST, PCI-DSS, etc.
This training program can aid to explore the following standards and best practices in terms of web application security:
Secure SDLC Training Framework
The training program will be conducted in three set-ups: Management,Technical and Deep-Dive.
The Management track is planning to conduct for 2 days. Under this criterion the training program walks through:
- Overview and In-depth discussion on Training & Awareness about Secure SDLC.
- In depth knowledge on building security requirements.
- Overview of ensuring secure design.
- Overview of Secure Implementation Process.
- Overview of Application Security Testing.
- In-depth walk through on Security review and response.
- Overview of Security in Maintenance Cycle
The Technical track is planning to conduct for 3 days. Under this criterion the training program walks through:
- Linking security in every development phase.
- Concepts of secure design.
- Forming security baseline.
- Threat modelling.
- Secure application construction.
- Secure coding practice.
- Secure guideline review.
- Application security testing.
- Identifying and managing security threats in application.
- Managing third party security updates.
The Deep Dive track is planning to conduct for 5 days. Under thiscriterion, the training program walks through:
- Training & Awareness about Secure SDLC.
- security requirements.
- ensuring secure design.
- Secure Implementation Process.
- Application Security Testing.
- Security review and response.
- Security in Maintenance Cycle.
Keep in mind that these frameworks are subjected to change in the future in order to make the program more effective.