Secu­re Coding / secu­re design trai­ning for developers

The SEC4YOU Secure Coding / Secure Design training offers in proven training method a comprehensive training for development teams, DevOps teams and DevSecOps teams, where the knowledge can be applied regardless of the programming language or developer tools used.



Secu­re Design / Secu­re Coding Agenda:

  • Basics of Secu­re Design and Secu­re Coding 
    • Requi­re­ments
    • Vali­di­ty for dif­fe­rent platforms
    • only com­ple­te trai­ning: in-depth examp­les in dif­fe­rent pro­gramming languages
  • Over­view of best prac­ti­ces and standards 
    • Com­mon Weak­ne­ss Enu­me­ra­ti­on — CWE®
    • OWASP Top 10 Web Appli­ca­ti­on Secu­ri­ty Risks
    • PCI DSS Secu­re Soft­ware Appli­ca­ti­on Development
    • SEI CERT Coding Standards
    • only in the com­ple­te trai­ning cour­se: OWASP Top 10 typi­cal exploits in examples
  • Vul­nerabi­li­ties in applications 
    • com­mon mistakes
    • Sel­ec­ted case studies
    • only in com­ple­te trai­ning: eva­lua­ti­on of deve­lo­p­ment examp­les of the cli­ent (optio­nal)
  • Inte­gra­ti­on of secu­re coding stan­dards into own processes
  • Adapt­a­ti­on of auto­ma­tic tests 
    • Con­ti­nuous Inte­gra­ti­on (CI) with Secu­re Coding
    • Desig­ning secu­ri­ty tests
    • Fuz­zing
    • only in the com­ple­te trai­ning: prac­ti­cal examp­les for auto­ma­ted testing

The aim of the trai­ning is to crea­te an under­stan­ding and accep­tance among deve­lo­pers for a sus­tainable impro­ve­ment of infor­ma­ti­on secu­ri­ty in soft­ware deve­lo­p­ment pro­jects. The­se impro­ve­ments result in a struc­tu­red imple­men­ta­ti­on of the lear­ned know­ledge in the enti­re life cycle of the pro­jects and enable a long-term increase in infor­ma­ti­on security.

The trai­ning is desi­gned for soft­ware deve­lo­pers, DevOps and Dev­Se­cOps teams and requi­res a basic know­ledge of infor­ma­ti­on secu­ri­ty. The con­tent of the par­ti­cu­lar­ly effi­ci­ent inten­si­ve trai­ning (1 day) and the exten­ded com­ple­te trai­ning (2 days) is iden­ti­cal except for in-depth examples.

Tog­e­ther with the deve­lo­p­ment manage­ment or the com­pany’s trai­ning mana­gers, we coor­di­na­te the con­tents and frame­work con­di­ti­ons of the employees to be trai­ned in a preli­mi­na­ry dis­cus­sion. The coor­di­na­ti­on takes about 60 minu­tes and takes place online.

The trai­ning pre­sen­ta­tion is made available as a PDF docu­ment after the training.

Num­ber of par­ti­ci­pan­ts: up to 12 par­ti­ci­pan­ts per trai­ning block


Inten­si­ve trai­ning: 1 working day of online trai­ning, plus approx. 60 minu­tes of preli­mi­na­ry dis­cus­sion with the client.

Com­ple­te trai­ning: 2 working days of online trai­ning, plus approx. 60 minu­tes of preli­mi­na­ry dis­cus­sion with the client.

Lan­guage: Ger­man or English

Medi­um: Online trai­ning via Zoom, Micro­soft Teams or mee­ting plat­form pro­vi­ded by client

Dates: We will cont­act you as soon as pos­si­ble after your order for the pur­po­se of coor­di­na­ting dates and preli­mi­na­ry discussions.

