In this course students learn how security can be designed into, managed and maintained within a development lifecycle.
The Product Cybersecurity Design course begins with a quick review of the common security attacks and strategies to prevent those attacks. Using these concepts as a baseline to illustrate the ineffectiveness of a code-last strategy, the course then moves into a discussion on the importance of reframing security and thinking about security in the context of design. Through the reframing journey, the course introduces Domain-DrivenDesign as a useful mechanism to apply a secure-first strategy. Throughout this discussion, the course looks at implementation strategies and techniques and common issues that introduce threats into the codebase.
We will also walk through some of the security design principles which one needs to ensure while designing any Software or System architecture. These principles concentrate on architectural structures, whether hardware or software, that are required to Support Information protection. Overview on concepts like Least Privilege, Separation of Duties, Defense in Depth, Least Common Mechanism, Securing the weakest link and many more alike will be discussed as part of same.
- Explain the main SDLC Models and their principal differences
- Apply secure development techniques from the initial design stage and throughout a development lifecycle
- Recognize some of the latest vulnerabilities and how to counter mitigate them
- Interpret various testing strategies
PrerequisitesProduct Cybersecurity System Analysis (PSE600) or equivalent experience.
Duration18 Hours | 3 Days or 6 Nights
Applies Towards the Following Certificates
- Advanced Product Security Certificate Cybersecurity Track : Required
- Product Security Certificate Cybersecurity Track : Core - Required
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.