
Meet Joseph Holbrooke, a 25-plus year IT veteran with government security and military secure systems experience, who guides you into software development with data engineering, storage networking, and certifications.
No prerequisites exist for this course, which teaches software development lifecycle essentials and IT security best practices, and encourages practice and completing the series for success.
Identify and distinguish functional and non-functional requirements by analyzing measurable criteria, like 200 transactions per second and 99.95% uptime, to ensure testable software expectations.
Decompose high-level policy statements into lower level, repeatable security requirements and objectives, creating a detailed framework for compliance, audit risk management, and implementable technical controls.
Classify data to identify types, ownership, and labeling requirements, define data owner and custodian, and manage structured, unstructured, and semi-structured data with lifecycle controls.
Model use cases to design secure software that meets user needs and business requirements, then invert them into misuse cases to anticipate attacks like phishing or brute force.
Identify and apply key intellectual property concepts, including patents, copyrights, trademarks, and trade secrets, and recognize the role of warranties in software products.
Define and track security requirements with the security requirements traceability matrix (stm), a grid template that records requirements, sources, verification methods, compliance, and security features against the implementation plan.
Explore additional IT resources, including Tech commanders, GCP gurus, and GitHub, and discover security, blockchain, and cloud computing courses, ebooks, and 1-to-1 cloud coaching with Cloud Interview Ace.
Course Overview
In this Course 2 of the Secure Development Series we cover what secure software requirements are and why software can meet all quality requirements and still be insecure.
Please note that this course is providing introductory concepts for beginners and is NOT a programming course or has any hands on.
This course specifically, Secure Software Requirements is meant to provide learners a foundational start in software design that is focused around security. The course covers foundational concepts such as the functional and non functional requirements, Policy decomposition, data classifications, and misuse cases
The course continues on to cover Regulatory and Industry as well as legal requirements to name a few lessons.
The course provides some review questions and also whiteboard discussions to provide insight into some important topics.
Lastly, the course series covers(8 courses) about 65% or more of the exam objectives for the CSSLP exam when completing all eight courses!
There are many benefits of designing security early which we cover in this course.
This is a series of courses for learning about "Secure Software Development Fundamentals"
Course 1 - Secure Software Concepts
Course 2 - Secure Software Requirements
Course 3 - Secure Software Design
Course 4 - Defining Security Architectures
Course 5 - Secure Software Testing
Course 6 - Secure Software Acceptance
Course 7 - Software Deployment, Operations and Maintenance
Course 8 - Supply Chain and Software Acquisition
Who should take this course (Target Audience)?
You are a developer or software engineer and want to understand
You want to learn IT security fundamentals focused on software development
What are the Couse Pre Requirements?
There are no course pre-requirement
What You'll Learn
What are the critical aspects of secure development
What is the CIA Triad, AAA and other security fundamentals
Identify the correct software build requirements needed for a secure software program
Determine how to specify the proper software architecture to meet your software security requirements
Understand what the commonly accepted best practices are software acceptance
Determine the proper software acquisition and supply chain requirements for your software programs
Get to know the proper software testing procedure for a secure software program.
Requirements
No Requirements
Course Contents
Course Overview Instructor Intro Course Prereqs Course Overview Instructor Intro Course Prereqs Functional and Non Functional Requirements Identifying Security Requirements Policy Decompisition Data Classification Subject Object Matrix Use Case and MisUse Case Modeling Regulartory and Industry Requirements Legal Requirements Privacy Requirements Security Requirements Traceability Matrix Course Review Course Review Questions Course Closeout