Description
This non-technical course provides an overview of IT Security Risk Management: A Lifecycle Approach (ITSG-33) as it relates to software development. Participants will learn about the classes and families of the security control catalogue that are relevant to countering common vulnerabilities and weaknesses in software.
Objectives
- Apply the ITSG-33 approach to your SDLC and environment
- Identify common vulnerabilities and how to fix them
- Understand the impact of technical vulnerabilities introduced in development
- Know techniques for conducting effective security code reviews
- Apply security controls from ITSG-33 throughout the SDLC
- Be more familiar with considerations for deploying and maintaining secure applications
Target audience
Application Developers, IT Security Practitioners and Project Managers
Prerequisites
Prior to attending, it is recommended that participants take course 601 - Introduction to IT Security Management.