The Product Cybersecurity Design course begins with a quick review of the common security attacks and strategies to prevent those attacks. Using these concepts as a baseline to illustrate the ineffectiveness of a code-last strategy, the course then moves into a discussion on the importance of reframing security and thinking about security in the context of design. Through the reframing journey, the course introduces Domain-Driven Design as a useful mechanism to apply a secure-first strategy. Throughout this discussion, the course looks at implementation strategies and techniques and common issues that introduce threats into the codebase.
Learning Objectives
Topics include: Explain the main SDLC Models and their principal differences, Apply secure development techniques from the initial design stage and throughout a development lifecycle, Recognize some of the latest vulnerabilities and how to counter mitigate them, Interpret various testing strategies
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.