Secure SDLC Learning Path

Learn best practices for integrating security controls into your software.

9 hours, 33 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    9 hours, 33 minutes

  • Assessment

    questions

About Secure SDLC

This learning path teaches you the Secure SDLC concepts you need to become an expert and to educate the users or employees in your organization. Although different teams such as Blue, Red and Purple are involved in managing security, these nine courses teach how security is everyone's responsibility. We'll also look at how each phase of the SDLC moves into the next phase, with security awareness training moving into secure requirements and more.

Syllabus

Secure SDLC Skill Assessment

Assessment - 52 questions

Introduction to SDLC

Course - 00:24:00

Secure SDLC is a framework for software or system development that integrates security into every phase of the Software Development Life Cycle: security awareness training, secure requirements, secure design, secure build, secure deployment, secure validation, secure response and the collaborative model, or collaboration.

Security Awareness Training

Course - 01:02:00

Security awareness training is a process for educating employees and users about security in a specific area of interest. A comprehensive security awareness program for employees should train them on a variety of IT, security and other business-related topics. It may include how to avoid phishing and other types of social engineering cyberattacks, spot potential malware behaviors, adhere to any applicable data privacy regulations and more.

Secure Requirements

Course - 00:35:00

A secure requirement is a security feature that refers to functional and non-functional requirements that need to be satisfied to achieve the security attributes of an IT system. Security and privacy are fundamental aspects of developing highly secure applications and systems, regardless of the development methodology being used.

Secure Build

Course - 00:39:00

Secure build is the practice of applying the secure requirements and secure design principles to the development method. It helps improve development methods so that they better integrate security aspects, with the goal of built-in security. This phase includes the actual engineering and writing of the application while attempting to meet all the requirements established during the planning or secure requirements phase.

Secure Validation

Course - 00:37:00

Secure validation means testing from a hacker's perspective, or ethically hacking the system, to ensure there is no gap with respect to information security. It tests negative scenarios such as injection, cross-site scripting and other attacks and exploitation techniques. Secure validation can be done manually, automatically using tools, or with a combination of both. The process includes static (SAST) and dynamic (DAST) analysis, vulnerability scanning, fuzzing, penetration testing and manual analysis of the reported results.

Secure Deploy

Course - 00:39:00

Many risks can be reduced if security considerations are baked into the deployment process and the responsibility for security is shared. Security used to be something that specialists applied to deployments.

Secure Response

Course - 00:34:00

A well-defined incident response plan allows you to effectively identify a cyberattack, minimize the damage and reduce its costs while fixing the cause to prevent future attacks. It is the interface for external customers and security researchers to report security problems in products. Secure release occurs when all the security activities are confirmed against the final build and the software is sent to customers or made available for download.

Collaborative Model

Course - 00:25:00

The collaborative model, or collaboration, is an approach that applies to a wide variety of systems and has been used to solve the security issues inherent in enterprise systems or distributed environments. Cybersecurity technology may be critical, but it needs processes in place to keep it effective. The collaborative model is possible when it is implemented properly.

Secure Design

Course - 02:00:00

Secure design applies to individual features created by the development or system team. These features can correspond to their respective secure requirements. The secure design review can be done at the same time as the functional feature design and should be applied consistently with a strong understanding of the protection they deliver.

Meet the author

John Prathab Packiaraj

John has 18 years of experience in IT and cybersecurity. He started as a software developer (Java) and shifted into the cybersecurity space with AppSec, SSDLC, DevSecOps, Cloud and Mobile Security, Security Architecture and Threat Modeling.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst
