Welcome to Scribd!

Secure Software Development Practices: 3 Day Workshop

Uploaded by

0% found this document useful (0 votes)

10 views1 page

This document provides information about a 3-day workshop on secure software development practices hosted by STQC. The workshop will cover topics related to incorporating security into the software development lifecycle such as security requirements, secure design and architecture, secure coding, threat modeling, input validation, and penetration testing. It will include lectures, hands-on exercises, and a final examination. Participants will learn how to identify and address common security vulnerabilities early in the development process. STQC is India's leading certification body for software products and this workshop will be delivered by their experts in application security and secure software development practices.

Original Description:

Original Title

SDLC

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

10 views1 page

Secure Software Development Practices: 3 Day Workshop

Uploaded by

abdel_lak

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 1

Search inside document

I

T

i
n
f
r
a
s
t
r
u
c
t
u
r
e

r
e
q
u
i
r
e
m
e
n
t

3 day Workshop
on
Secure Software Development Practices
IT Services

I
N
T
R
O
D
U
C
T
I
O
N

C
O
U
R
S
E

B
E
N
E
F
I
T
S

M
a
t
e
r
i
a
l

C
o
u
r
s
e

F
e
e
s

T
o
p
i
c
s

C
o
v
e
r
e
d

Inculcating security into software applications is big concern for software companies today. Numerous attacks are
being directed towards software applications and understanding these attacks and how to design software to
protect against attacks is becoming more of a necessity. This course provide a foundation for those professionals
who are responsible for designing, architecting, coding and testing software solutions, through a series of lectures
and hands on labs.

A
B
O
U
T

U
S

STQC is the Indias leading Certification body and recognized internationally for verification and validation of
software products throughout its life. STQC has a team of experts in the area of Software testing, Ethical hacking,
Auditing and Consultancy on software engineering. Experienced faculties trained aboard in the core Application
Security and Secure SDLC Practices.
This 3 day course deliveries a strong and in-depth view into fundamentals of Secure SDLC. Through a mixture of
lectures and hands on exercises, participants will learn how to frame security requirements, secure
design/Architecture, secure coding and identify common security vulnerabilities early in the development process
and how to eliminate these vulnerabilities.
Module 1: Introduction to STQC IT & Participants
Module 2: Key Issues of Secure Software Development
Module 3: Security in SDLC
Module 4: Threat Modeling
Module 5: Workshop - Exercise 1
Module 6: IT Security and requirement analysis
Module 7: Introduction to Cryptography
Module 8: Exercise 2 using Crypt tool
Module 9: Security Mechanism and Protocols
Module 10: Implementation of Security Mechanism

Module 11: All input is Evil!! Input Validation
Module 12: Buffer Overflows
Module 13: Database Security
Module 14: Workshop on Typical Attacks
Module 15: Web Application Flaw
Module 16: OWASP overview
Module 17: OWASP workshop
Module 18: Penetration Testing and Application Security Testing
Module 19: Open Question and Answers
(Group Exercise & Presentation on Exercises in between modules)
Examination on the third day at the end of the course (90 Minutes)
In-House On-Site
Course presentation slides and Lab Tools One copy of the course material in PDF format will be sent to
Workshop Exercises the organizer
(Including Lunch, Snacks, Tea) One CD containing Tools will be circulated to each participant
after registration

For course fee details please contact STQC
http://stqc.nic.in/ STQC
STQC Directorate, Department of Information Technology,
Ministry of Communications & IT, Govt. of India
Electronics Niketan, 6 CGO Complex,
New Delhi - 110 003, INDIA
CONTACT
10 desktops with the dedicated network having internet access. (Preferably P4 machines with 20GB HDD installed
with Windows 2000 server)

DFA Assessment
Document328 pages
DFA Assessment
MALOTH BABU RAO
76% (42)
OWASP Security Culture-1.0
Document26 pages
OWASP Security Culture-1.0
Luiz Henrique Custódio
No ratings yet
Book Nasscom
Document1,149 pages
Book Nasscom
Soumak Poddar
No ratings yet
Network Security v1.0 Scope and Sequence
Document10 pages
Network Security v1.0 Scope and Sequence
Rafael Gil Ferques
No ratings yet
CSSLP Education
Document2 pages
CSSLP Education
Naresh Ragula
No ratings yet
PEM FCristian 30441
Document4 pages
PEM FCristian 30441
farcasppt
No ratings yet
CND
Document4 pages
CND
Dandy González
No ratings yet
Program Details: IT Support Professional Certificate
Document1 page
Program Details: IT Support Professional Certificate
Ante
No ratings yet
Ankit Singh (+91-9890910807) Resume
Document3 pages
Ankit Singh (+91-9890910807) Resume
Ankit Singh
No ratings yet
CSCU Flyer
Document1 page
CSCU Flyer
Kiran Kumar
No ratings yet
Ethical Hacking Cyber Security
Document7 pages
Ethical Hacking Cyber Security
lemon choos
No ratings yet
REPORT FORMAT NIS Vaishnavi
Document7 pages
REPORT FORMAT NIS Vaishnavi
Madhuri Mogal
No ratings yet
Consultant Profile Template
Document4 pages
Consultant Profile Template
Anil Chiplunkar
No ratings yet
Cyber Security: Course Summary
Document17 pages
Cyber Security: Course Summary
alikhan
No ratings yet
7 Bonus Classes
Document7 pages
7 Bonus Classes
Dev Zak
No ratings yet
Ethical Hacking
Document7 pages
Ethical Hacking
Appin Nitin
No ratings yet
FINAL NIS Mahima
Document14 pages
FINAL NIS Mahima
Madhuri Mogal
No ratings yet
School of Science and Technology: Referral Coursework Assessment Specification (PG)
Document11 pages
School of Science and Technology: Referral Coursework Assessment Specification (PG)
Vishal Padhar
No ratings yet
Cyber Security: Post Graduate Program in
Document24 pages
Cyber Security: Post Graduate Program in
Nadeem Ms
No ratings yet
Sample Resume 1
Document3 pages
Sample Resume 1
Yugendra R
No ratings yet
Keylogger
Document13 pages
Keylogger
188amanraj
No ratings yet
Brochure en Informatie Opleiding Ethicus Hacker
Document11 pages
Brochure en Informatie Opleiding Ethicus Hacker
C. Van Dongen
No ratings yet
Security Threat and Vulnerability Assessment and M
Document21 pages
Security Threat and Vulnerability Assessment and M
joya
No ratings yet
Mini Project 2 Report
Document28 pages
Mini Project 2 Report
Inayat Baig
No ratings yet
CSE Live Syllabus
Document18 pages
CSE Live Syllabus
Akbar Shakoor
No ratings yet
Springboard Cybersecurity Career Track Syllabus
Document10 pages
Springboard Cybersecurity Career Track Syllabus
bacizone
No ratings yet
MIT Cybersecurity Master Program v13
Document24 pages
MIT Cybersecurity Master Program v13
Felix Flix Effiong
No ratings yet
Download
Document9 pages
Download
Hunted Beats
No ratings yet
CY Syllabus 2.0 BG Germany
Document12 pages
CY Syllabus 2.0 BG Germany
justinahuk
No ratings yet
SE Labmanual
Document37 pages
SE Labmanual
Harsh Joshi
No ratings yet
Penetration Testing Professional: The World's Premier Online Penetration Testing Course
Document55 pages
Penetration Testing Professional: The World's Premier Online Penetration Testing Course
Mehmet Emin Ozmen
No ratings yet
Siwes Report
Document14 pages
Siwes Report
ADIGUN Godwin
No ratings yet
Caltech Cybersecurity Certificate Program: Duration: 7 Months
Document15 pages
Caltech Cybersecurity Certificate Program: Duration: 7 Months
Theban Perumal
No ratings yet
BITS Pilani MTech Brochure
Document15 pages
BITS Pilani MTech Brochure
er.sbhardwaj4252
No ratings yet
Tanuja Cisco
Document15 pages
Tanuja Cisco
Subham Negi
No ratings yet
IE-1 Smartcity New
Document7 pages
IE-1 Smartcity New
Saurabh Asnare
No ratings yet
Zeeshan UPDATED
Document4 pages
Zeeshan UPDATED
siddharth.dubey
No ratings yet
Internship Report Yash
Document19 pages
Internship Report Yash
yuvraj.2024cs1076
No ratings yet
Thesis Web Application Security
Document8 pages
Thesis Web Application Security
stacyjohnsonreno
100% (2)
Syllabus PTP
Document48 pages
Syllabus PTP
kaxam
No ratings yet
15ca57 Thesis
Document56 pages
15ca57 Thesis
ashutosh singh
No ratings yet
Ethical Hacking Track: Certified Ethical Hacker: Programme Overview
Document6 pages
Ethical Hacking Track: Certified Ethical Hacker: Programme Overview
Tamirat Worku
No ratings yet
Keylogger - Report (Mini Project) - 1
Document23 pages
Keylogger - Report (Mini Project) - 1
Ash Ketchum
No ratings yet
Cyber Security and Applications
Document4 pages
Cyber Security and Applications
sj2100333
No ratings yet
Online Cyber Security Course
Document15 pages
Online Cyber Security Course
ashok
No ratings yet
Stanford Advanced Cyber Security Program
Document15 pages
Stanford Advanced Cyber Security Program
Karthik Kumar
No ratings yet
Tranchula
Document6 pages
Tranchula
Tariq Zafar
No ratings yet
Ecommerce and Web Security (Cber 705) : Assignment # 1
Document5 pages
Ecommerce and Web Security (Cber 705) : Assignment # 1
Mohit Sangwan
No ratings yet
Secure Software Developmentt
Document3 pages
Secure Software Developmentt
Rama Elhouni
No ratings yet
Internship Report
Document16 pages
Internship Report
BINDU YADAV
No ratings yet
Learning Services Securing Cisco Networks With Sourcefire Intrusion Prevention System
Document5 pages
Learning Services Securing Cisco Networks With Sourcefire Intrusion Prevention System
dexterroot
0% (1)
Systematic Literature Review On Security Risks and Its Practices in Secure Software Development
Document26 pages
Systematic Literature Review On Security Risks and Its Practices in Secure Software Development
casiah
No ratings yet
Ethical Hacking Cyber Security
Document7 pages
Ethical Hacking Cyber Security
anubhavkumar2607
No ratings yet
Cyber Secure Coder (Exam CSC-210) : Course Length: Overview
Document3 pages
Cyber Secure Coder (Exam CSC-210) : Course Length: Overview
Hai
No ratings yet
MGT Microproject
Document12 pages
MGT Microproject
Tanishka Patil
No ratings yet
First International Conference On Software Security (ICSS 2015)
Document1 page
First International Conference On Software Security (ICSS 2015)
CS & IT
No ratings yet
ICTNWK619 Assessment 4
Document15 pages
ICTNWK619 Assessment 4
Mitch
No ratings yet
Icss - 2015
Document2 pages
Icss - 2015
CS & IT
No ratings yet
SCSV Lab Manual 2023
Document72 pages
SCSV Lab Manual 2023
shivam
No ratings yet
2.2.2 - SIS - Design, Analysis, and Justification (EC50E - Online Version) - ISA
Document3 pages
2.2.2 - SIS - Design, Analysis, and Justification (EC50E - Online Version) - ISA
Roberto Carrasco
0% (1)
Security Engineering: CISSP, #3
From Everand
Security Engineering: CISSP, #3
Selwyn Classen
No ratings yet
InduSoft Application Design and SCADA Deployment Recommendations for Industrial Control System Security
From Everand
InduSoft Application Design and SCADA Deployment Recommendations for Industrial Control System Security
Richard Clark
No ratings yet
Parno CV
Document7 pages
Parno CV
abdel_lak
No ratings yet
Open Source Intrusion Detection System Using Snort: Conference Paper
Document8 pages
Open Source Intrusion Detection System Using Snort: Conference Paper
abdel_lak
100% (1)
Barracuda Web Application Firewall WP Advantage
Document4 pages
Barracuda Web Application Firewall WP Advantage
abdel_lak
No ratings yet
Journal of Environmental Science, Computer Science and Engineering & Technology
Document9 pages
Journal of Environmental Science, Computer Science and Engineering & Technology
abdel_lak
No ratings yet
Network Security: Compromises and Countermeasures: Key Words
Document6 pages
Network Security: Compromises and Countermeasures: Key Words
abdel_lak
No ratings yet
006
Document15 pages
006
abdel_lak
No ratings yet
VMware VSphere Enterprise DataSheet DS en
Document4 pages
VMware VSphere Enterprise DataSheet DS en
abdel_lak
No ratings yet
WatchGuard Training Course
Document1 page
WatchGuard Training Course
abdel_lak
No ratings yet
Master UOC
Document19 pages
Master UOC
abdel_lak
No ratings yet
Physically Restricted Authentication With Trusted Hardware
Document10 pages
Physically Restricted Authentication With Trusted Hardware
abdel_lak
No ratings yet
Institutional Firewall
Document6 pages
Institutional Firewall
abdel_lak
No ratings yet
Abowd Lane Barcelona 2004
Document10 pages
Abowd Lane Barcelona 2004
abdel_lak
No ratings yet
Computer Security and Machine Learning: Worst Enemies or Best Friends?
Document4 pages
Computer Security and Machine Learning: Worst Enemies or Best Friends?
abdel_lak
No ratings yet
Lecture 28: Web Security: Cross-Site Scripting and Other Browser-Side Exploits
Document48 pages
Lecture 28: Web Security: Cross-Site Scripting and Other Browser-Side Exploits
abdel_lak
No ratings yet
2014 SoNeUCON
Document60 pages
2014 SoNeUCON
abdel_lak
No ratings yet
Diploma PDF
Document1 page
Diploma PDF
abdel_lak
No ratings yet
Literature Study of Penetration Testing
Document6 pages
Literature Study of Penetration Testing
abdel_lak
No ratings yet
Security/Hacking: 2 Short Courses
Document1 page
Security/Hacking: 2 Short Courses
abdel_lak
No ratings yet
Cpte Amman
Document1 page
Cpte Amman
abdel_lak
No ratings yet
Unit 1 - The Web Application Security Problem - 2 PDF
Document44 pages
Unit 1 - The Web Application Security Problem - 2 PDF
oshwa_ish
No ratings yet
Springboard Cybersecurity Career Track Syllabus
Document10 pages
Springboard Cybersecurity Career Track Syllabus
bacizone
No ratings yet
Evaluationof Web Vulnerability Scanners Basedon OWASPBenchmark
Document7 pages
Evaluationof Web Vulnerability Scanners Basedon OWASPBenchmark
taslim bangkinang
No ratings yet
Becoming The Hacker 1st Edition
Document352 pages
Becoming The Hacker 1st Edition
yu niu
No ratings yet
Getting Started With Bug Bounty PDF
Document15 pages
Getting Started With Bug Bounty PDF
mojoxe
No ratings yet
Https - Maxtrain - Com - Product - F5-Networks-Setting-Up-Big-Ip-Advanced-Waf-V14-Web-Application-Firewall-Formerly-Asm - Export - PDF True
Document4 pages
Https - Maxtrain - Com - Product - F5-Networks-Setting-Up-Big-Ip-Advanced-Waf-V14-Web-Application-Firewall-Formerly-Asm - Export - PDF True
DDDD
No ratings yet
Ntospider
Document2 pages
Ntospider
Richard Rubenstein
No ratings yet
Saad Zitouni: About Me
Document2 pages
Saad Zitouni: About Me
saad zitouni
100% (1)
The Six Pillars of Devsecops: Automation
Document22 pages
The Six Pillars of Devsecops: Automation
wenapo
No ratings yet
Mobile Application Security Testing Initiative: June 2016
Document31 pages
Mobile Application Security Testing Initiative: June 2016
Raghu
No ratings yet
Hack2Secure Web Application Security Testing Courses
Document5 pages
Hack2Secure Web Application Security Testing Courses
agnes christenia
No ratings yet
CV
Document3 pages
CV
Alaa K. ElBehery
No ratings yet
Appwall Data Sheet: Taking Web Application Security To The Next Level
Document4 pages
Appwall Data Sheet: Taking Web Application Security To The Next Level
Navis Nayagam
No ratings yet
Designing SAP Application Security Protiviti PDF
Document12 pages
Designing SAP Application Security Protiviti PDF
Siddant
No ratings yet
Security Questions
Document27 pages
Security Questions
shikhaxohebkhan
100% (1)
RBI Circular For Cyber Security Controls For ASP Service Providers NTFE5
Document8 pages
RBI Circular For Cyber Security Controls For ASP Service Providers NTFE5
Ashish
No ratings yet
GBM Security Whitepaper 2019
Document32 pages
GBM Security Whitepaper 2019
fer
No ratings yet
12 Security Manager JD 0803
Document2 pages
12 Security Manager JD 0803
Akshat Dubey
No ratings yet
Appknox - Banking Sector
Document14 pages
Appknox - Banking Sector
Harsh
No ratings yet
Traits of Highly Successful Security Organizations: Executive Insights
Document15 pages
Traits of Highly Successful Security Organizations: Executive Insights
Com Digful
No ratings yet
Microsoft Corporation Improving Web Application
Document1,351 pages
Microsoft Corporation Improving Web Application
Trường Nguyễn
No ratings yet
Analysis of A High-Potential Business: Sqreen: Application Security Management Platform
Document13 pages
Analysis of A High-Potential Business: Sqreen: Application Security Management Platform
hinaya khan
No ratings yet
Maricopa County Forensic Audit Executive Summary and Recommendations
Document6 pages
Maricopa County Forensic Audit Executive Summary and Recommendations
KOLD News 13
100% (1)
5 Principles For Securing DevOps
Document14 pages
5 Principles For Securing DevOps
eltuerca71
No ratings yet
Trustwave Global Security: Data Compromise
Document105 pages
Trustwave Global Security: Data Compromise
John Glass
No ratings yet
OWASP API Security Top 10 (2019)
Document31 pages
OWASP API Security Top 10 (2019)
socialspider
No ratings yet
Veracode State of Software Security Report Volume 2
Document36 pages
Veracode State of Software Security Report Volume 2
Veracode
No ratings yet
Python Secure Coding
Document45 pages
Python Secure Coding
Anonymous F0TdVTdRe
No ratings yet