A4Q Cyber Security Essentials

IT-Security in Software Projects

  • Standard seminar

    2 days

  • Language

    German

Your Benefit

Sensitize your project team to the topic of security and enable all roles within the team to work on security recommendations. Prepare yourself and your team for the certification of the same name.

Goal

Any handling of IT demands a well thought-out protection of the IT infrastructure, but even the best technical security concept can be undermined if security-critical factors are disregarded in the operation or creation of software. For this reason, successful process models such as the Microsoft Security Development Lifecycle (MSDL) approach, ISO/IEC 27034-1 or the Open Software Assurance Maturity Model (OpenSAMM) recommend that every employee in a software project should receive solid basic training in IT security and specialized further training in accordance with his or her specific role in the project.

The course takes up these recommendations and provides a thorough introduction to IT security for all roles involved in a software development project, whether they are involved in the creation of an IT system, an application or an embedded system. The contents are illustrated by means of exercises and demonstrations.

Participants will receive a complete preparation for the Certified Security Essentials certificate exam.

Content

Introduction to aspects and methods of security

  • What is IT security?
  • Context of IT security: Assets, security gaps and threats
  • Laws & Standards
  • The Internet Protocol Suite
  • Malware
  • Typical attack patterns
  • Social Engineering
  • Basics of security in wireless networks

Security in project management

  • Orientation of project activities towards security-related activities
  • Security requirements that a particular system must meet
  • Understand and explain the activities required to develop secure software systems and applications

Security in development

  • Activities for the development of secure systems and applications
  • Frequent safety-relevant errors in development

Security in requirements engineering

  • Define basic security requirements
  • Frequent safety-relevant errors in requirements engineering

Security during testing

  • Testing as part of a security development life cycle
  • various types of safety tests

Security in IT risk management

  • How are threats detected and analyzed?

Prerequisites

Basic experience in IT projects.

target groups

  • Project Managers
  • Testers
  • Developers
  • Requirements Managers
  • Business Analysts
  • Test Managers
  • Test Consultants
Contact show/hide Contact show/hide

Your Contact to the Academy

Mrs. Doris Dötzer