Training Language:
Engels, Nederlands
Duration:
4 days
Category:
In the in-company Security Masterclass for Developers, you will learn how to design and develop software securely from the ground up. The training helps you solve the problem that security is often only considered late in the development process, leading to increased vulnerabilities and recovery costs. You will learn to integrate security directly into your development process, allowing you to build safe and robust applications more quickly.
We start with the fundamentals of application security and translate threat modeling into concrete security requirements and user stories. You will then work on recognizing and addressing vulnerabilities based on the OWASP Web Security Testing Guide and Cheat Sheets. Topics such as secret management, cryptography, and secure CI/CD pipelines will also be covered extensively, including SAST, DAST, SCA, IAST, and RASP. Additionally, you will learn how to ensure software supply chain security with SBOM, CycloneDX, and dependency tracking.
The Security Masterclass for Developers is highly practical and includes a mix of concepts and hands-on labs. You will also work extensively with the various components yourself. At the end of the training, there will be a CI/CD pipeline that includes the following components:
All concepts are explained with Python examples, but they are applicable to almost any programming language. Since this is an in-company training, examples in other languages are often possible, but in a mixed audience, Python is preferred as it is intuitive for most participants to understand.
After completion, you will be able to structurally anchor security in your development lifecycle and deliver safer software immediately.
In the in-company Security Masterclass for Developers, you will learn how to design and develop software securely from the ground up. The training helps you solve the problem that security is often only considered late in the development process, leading to increased vulnerabilities and recovery costs. You will learn to integrate security directly into your development process, allowing you to build safe and robust applications more quickly.
We start with the fundamentals of application security and translate threat modeling into concrete security requirements and user stories. You will then work on recognizing and addressing vulnerabilities based on the OWASP Web Security Testing Guide and Cheat Sheets. Topics such as secret management, cryptography, and secure CI/CD pipelines will also be covered extensively, including SAST, DAST, SCA, IAST, and RASP. Additionally, you will learn how to ensure software supply chain security with SBOM, CycloneDX, and dependency tracking.
The Security Masterclass for Developers is highly practical and includes a mix of concepts and hands-on labs. You will also work extensively with the various components yourself. At the end of the training, there will be a CI/CD pipeline that includes the following components:
All concepts are explained with Python examples, but they are applicable to almost any programming language. Since this is an in-company training, examples in other languages are often possible, but in a mixed audience, Python is preferred as it is intuitive for most participants to understand.
After completion, you will be able to structurally anchor security in your development lifecycle and deliver safer software immediately.
This training is scheduled as follows in the coming period. Missing a date? Feel free to contact us.
Location: Locatie naar keuze
This training can also be taken as part of the below learning path(s). If you want to follow multiple titles from a learning path, please contact our advisors for a suitable bundle offer.
Train smarter, not harder. TSTC's unique approach guarantees the effective acquisition of skills and the greatest chance of success.
Learn more about TSTC
