Overview
-
Learn the foundations of secure software design as you prepare for the third domain of the Certified Secure Software Lifecycle Professional (CSSLP) exam.
Syllabus
-
Introduction
- Secure software design
- What is threat modeling?
- Understand common threats
- Attack surface evaluation
- Identifying and prioritizing controls
- Traditional security architectures
- Pervasive and ubiquitous computing
- Identifying and prioritizing controls
- Cloud architectures
- Embedded system considerations
- Architectural risk assessments
- Component-based systems
- Security enhancing tools
- Cognitive computing
- Control systems
- Components of a secure environment
- Designing network and server controls
- Designing data controls
- Secure design principles and patterns
- Secure interface design
- Design security review
- Secure operational architecture
- Nonfunctional properties and constraints
- Data modeling and classification
- Next steps
