Security Training for Software Developers
The training provides a basic overview of all relevant phases of a secure software development process. Participants learn how to better assess the security of their software and how to implement appropriate measures and activities in practice.
At a glance
General information
- Three-day practice-based training course (can be held in person or remotely)
- Flexible training agenda with variable key topics
Target group
Software developers
Application examples
Overview of security activities in agile software development projects
Description
As software systems for digital business models increase in significance, so, too, do the threats facing those systems. If security is neglected or not taken into account from the outset, it is often merely a matter of time until problems arise. In addition to vulnerabilities, attacks, and data losses, reputational damage caused by negative media coverage and the associated loss of confidence can pose a serious risk to systems and companies.
Unfortunately, software development projects often neglect security in favour of tasks like developing functions, which are given higher priority. In some cases, companies may even be unaware of the importance of security.
Security in software development is not a once-off task which can be checked off the list shortly before the release date. The threat situation is constantly changing, and any modifications to a piece of software can lead to new security problems. In certain cases, the problems only come to light once the software has been released. Security should, therefore, be a constant companion throughout the agile software life cycle. The earlier security requirements can be identified and implemented, the easier this is.
In addition, there are also a wide variety of regulatory requirements for certain industries. These prescribe specific activities and measures which must be taken.
It is, therefore, important to fill any knowledge and skill gaps within the project team to enable appropriate security activities to be carried out and suitable tools to be utilized.
Our “Security Training for Software Developers” course provides a fundamental overview of all the relevant phases of a secure software development process. Participants will learn how to better evaluate the security of their software and how to practically implement appropriate measures and activities. The course is based on inovexperts’ own experience in software development projects, and the trainers will share real-life best practices.
We offer both public training courses on fixed dates and internal company training courses with customisable key topics.
Agenda
- Introduction to Security: Motivation and Security Goals
- Secure Design: Threat Modelling, Security Requirements, Risk Estimation
- Secure Coding: Security Patterns, Cryptography, Coding Guidelines
- Secure Testing: Static and Dynamic Security Tests, Fuzz Testing, Test Tooling
- Secure Operations: Secret Management, Logging, Monitoring, Alerting, Incident Management
- Secure Processes: DevSecOps, Supply Chain Security, Secure Development Life Cycle
Typical questions we answer:
- How can software developers identify and evaluate threats and risks to their software?
- Which security requirements should be taken into account when developing software, and how can these be implemented?
- Which best practices should be used in implementing authentication, authorisation, or cryptographic processes?
- Which tools and methods are available for testing and monitoring software security?
- How can security activities be integrated into the agile software life cycle, and which regulatory requirements must be taken into account?
- Signed certificate of completion
- In-house training
- Customization available (agenda, tech stack, language, etc.)
- Small training groups
Why inovex Academy?
Our offer
The inovex Academy has set itself the task of passing on knowledge about methods and technologies that we already use successfully in our projects.
Curated content
Our trainers create a customized training offer based on your requirements.
Customizable tech stack
In exclusive trainings, we can consider your tech stack for the training content.
Individual assistance
If needed, we can tailor the training to a specific use case of your company and work directly based on your data.
Trainers
Our trainers are field-tested experts in their areas of expertise. Through their work in projects, they expand their knowledge day by day and pass on this know-how in their trainings - application-oriented and practice-oriented.
Simon Dreher
Clemens Hübner
Our training approach
From the needs analysis to the awarding of certificates, we offer customized training courses, flexibly designed and carried out according to your requirements.
If you are interested in in-house training, we will start by identifying your needs and discussing your objectives. This discussion forms the basis for an initial offer.
As soon as the framework data has been clarified, our trainers start adapting the training content. Many of our training courses have a modular structure and offer the opportunity to design the agenda flexibly. Training courses that prepare for certifications, on the other hand, are less flexible. Here, however, you can set the content focus according to your wishes.
You will receive all relevant information in advance of the training. The training will then take place in the room of your choice and at the agreed time. Our trainers will adapt to your requirements.
After completing the training, all participants receive a certificate confirming their participation. You will also have the opportunity to give us feedback on the content and the course. We are always happy to receive praise and suggestions for improvement.