Hack2Secure Introduces Its “Secure SDLC” Workshop

Becoming a” secure champion “requires some basic knowledge on how to map the security in the software development life cycle. Having in-depth knowledge on web application security best practices and standards is essential to ensure the security of the web application.

With the aim of developing the knowledge and exploring the techniques for incorporating security into each phase of the SDLC, Hack2Secure proud to introduce the workshop on Secure SDLC.

With this workshop, we are delivering corporate training on the domains, including, but not restricted to:

  • Basic Security Concepts.
  • OWASP top 10 security breaches.
  • Secure Software development as well as assurance methodologies.
  • Security checkpoints and quality gates.
  • Software security risk management.
  • Incident Handling Plan.
  • Product Security Policy.
  • Threat Modeling.
  • Secure Designing Principles.
  • Final Security Review Plan.
  • Supply Chain Management.
  • Secure Coding Practice & Review Guidelines

Who Can Attend The Workshop?

The Workshop is planning to conduct in three tracks including Technical, Management and Deep Dive.

The technical track concentrates the following candidates:

  • Project / Program Managers.
  • IT/Product/Application Management.
  • Director.
  • Project Assurance Team

The Management track targets the following candidates:

  • Consultants.
  • Architects.
  • Analyst Developers.
  • Quality Assurance Team.
  • Penetration Testers.
  • Application Security testers.
  • Auditors.

Anyone who likes to explore deeply into the concepts of web application security process can attend the deep dive track of the workshop.

Program Scope Of Secure SDLC Workshop

Management scope covers the following areas:

  • Incorporating Security across SDLC.
  • Security risk evaluation and management.
  • Application Security Requirements.
  • Security quality gates.
  • Security Patch Management.
  • Security compliance and regulations.
  • Deployment and procurement risk.

Technical scope covers the following areas:

  • Mapping Security across SDLC.
  • Core and Design Security concepts.
  • Constructing security baseline.
  • Threat Modeling.
  • Application Security Testing.
  • Handling third party security updates.
  • Detecting and handling application security Threats.

The Deep Dive track covers the entire area that is considered under the technical and management phase. In addition, it also walks through processes of software security assessment.