- Overview of Mobile Application Security
- Authentication and Authorization for iOS/Android Mobile Devices
- Data Protection for Android
- Validation and Encoding for Android
- Introduction to Web Application Security
- Secure Coding
for Java - Secure Coding
for .NET - Threat Modeling
- Software Security Remediation Basics
- CSRF Explained
Software Security Remediation Basics
Course Duration: 1 hour
Intended Audience: Security Professionals, Developers and Software Quality Assurance Staff
The security industry often pays a tremendous amount of attention to finding security vulnerabilities. This is done via code review, penetration testing and other assessment methods. Unfortunately, finding vulnerabilities is only the first step toward actually addressing the associated risks, and addressing these risks is arguably the most critical step in the vulnerability management process. Complicating matters is the fact that most application security vulnerabilities cannot be fixed by members of the security team because they require code-level changes in order to address the underlying issue successfully. Therefore, security vulnerabilities need to be communicated and transferred to software development teams and then prioritized and added to their workloads.
This self-paced, e-Learning course examines steps required to remediate software-level vulnerabilities properly, and recommends best practices organizations can use to be successful in their remediation efforts.
Lesson 1: Software Security Remediation Basics
Course Objectives: After completing this lesson, you should be able to:
- Understand the overall purpose, process, impact and phases of software security remediation projects
Lesson 2: Phase One - Inception
Course Objectives: After completing this lesson, you should be able to:
- Identify individuals and teams that should be involved in software security remediation projects
- Understand how to create a successful timeline and budget
Lesson 3: Phase Two - Planning
Course Objectives: After completing this lesson, you should be able to:
- Understand risks associated with software vulnerabilities and how risk is calculated
- Explain how manual and automated testing is used to find and confirm vulnerabilities
- Calculate the level of effort needed from various teams
- Schedule a software security remediation project
Lesson 4: Phase Three - Execution
Course Objectives: After completing this lesson, you should be able to:
- Explain the steps and methods necessary to fix vulnerabilities
- Understand how to test the quality of vulnerability fixes
- Provide metrics used to evaluate a software security remediation project
What Is ThreadStrong?
ThreadStrong is a self-paced, e-Learning solution designed by Denim Group's secure application development experts to help developers understand and apply the principles of secure design and coding.
ThreadStrong combines the hands-on knowledge of working software developers with the experience of world-sought trainers, who use best practices to provide practical and in-depth application security training content. Read more >>
Learn More About ThreadStrong
On-Site Training Available
If e-Learning is not the best solution for your training needs, the creators of ThreadStrong also offer application security training in classroom format.