SECURITY TRAINING
Addressing software security effectively means applying a framework of focused activities throughout the software lifecycle in addition to implementing sundry security features such as encryption or authorization. Such activities allow software professionals to begin building the emergent property of security into software at the start and continue the process throughout the software lifecycle.
When it comes to security education for people involved in the production of software, there are four main areas upon which to concentrate:
• Understanding the breadth of the problem, the common attacks against software, and the effective security practices
• Managing software security from product planning through implementation and deployment
• Engineering software the right way from the ground up with solid implementation, design, and testing techniques
• Assessing applications from the perspective of architecture, code, and the running system
Given the variety of individuals involved in software production and the relatively large number of topics within software security, it is important to keep training centered on the most relevant information for a given role. Cigital provides training for multiple roles that can be mapped to individuals involved in a given software project, each with a specialized and customizable learning track:
• Software developers
• Architects and designers
• Development and project managers
• Business analysts and product managers
• Test and QA engineers and managers
• Security auditors and reviewers
Cigital enables organizations to roll out comprehensive training worldwide through our team of certified instructors, content licensing and customization agreements, computer-based training options, and delivery partners.
UNDERSTAND
MANAGE
This course arms everyone with the basic tenets of software security, including core security concepts, principles of secure design, security activities in the SDLC, a security vulnerability overview,