|
Security University, a member of the Microsoft SDL Pro Network
Security University is the world leader in Qualified/ Software Security Training & Certification since 1999. Today, we are proud to be a member of the Microsoft SDL Pro Network, a group of security consultants and trainers that specialize in application security and have substantial experience and expertise with the methodology and technologies of the Security Development Lifecycle (SDL), the the industry-leading software security assurance process.
Microsoft recognizes Security University’s expertise and years of experience involving the same methodologies and technologies associated with the SDL. As member of the Microsoft SDL Pro Network, SU is committed to help coders & application developers address their current security problems by assisting them incorporate SDL in their code writing processes.
The Impact of Cyber Crime
Incidents of cyber crime continue to grow. Criminals constantly seek out every angle and opportunity the Internet offers them to capitalize and gain financial reward with a relatively low risk of getting caught and punished.
The vast majority of vulnerabilities are found in software that is produced by smaller software vendors. No matter how good a job your IT team does in locking down vendor software, a poorly developed application can open the system wide to attack. In fact, 90% of new vulnerabilities in 2008 were in applications and browsers, while only 10% occurred in Operating Systems.
It's your responsibility to set up a strong secure coding program, regardless of the software you write, software protocols, or internal processes. Knowing secure coding techniques that minimize the adverse effects of SQL or other malicious hacker attacks on code is critical, and knowing how to implement the Microsoft SDL is equally as important.
Security University integrates the Microsoft SDL in all Q/SSE certification classes.
Training is the SDL’s first capability area and first step in the implementation of SDL. The perfect solution is Security University’s qualified software security certification training. Security University’s Qualified Software Security Expert certification classes closely follow the SDL and were designed to ensure security and privacy are a critical part of how software is developed.
Security University provides SDL core training classes:
Introduction to the Microsoft Security Development Lifecycle
Basics for Secure Design, Development and Test
Introduction to Threat Modeling
Privacy for Software Development
We also provide secure coding skills classes to develop more secure applications and reduce the risks of malicious and costly attacks from flaws, vulnerabilities, bugs and misconfigurations. Our classes target SDL training in each Q/SSE Qualified/ Software Security Expert certification class.
View Frequently Asked Questions about SDL
Q/SSE QUALIFIED/ SOFTWARE SECURITY EXPERT CERTIFICATION
Security University has incorporated Microsoft’s SDL into each of the following Qualified Software Security Expert certification classes:
Q/SSE® Qualified/ Software Security Expert 5-Day Bootcamp
A three-part, five-day class that delivers the best of all of the Qualified Software Security Expert classes and more. Learn how to prevent attacks with a step-by-step process on how to fix software with counter measures that protect your code. Completing and passing this Q/SSE class proves you have mastered the tactical software security skills labs and proves your "qualified" for the job.
Q/SSPT® Qualified/ Software Security Penetration Testing
A five-day hands-on workshop that introduces you to “how to penetrate your software”, a step-by-step methodology to effectively and efficiently attack software and break & fix software. This workshop is presented in an "interwoven" format where each topic has a hands-on component so that you can explore the attacking techniques and software tools using real software. Students gain insight, experience, and a nose for where bugs are hiding.
Q/ST® Qualified/ Software Security Testing BootCamp
A hands-on class allowing students to work together on actual project applications, attacking for security vulnerabilities that they are programming day in and day out. The class takes top quality assurance testers and makes them into software security attackers with passion, knowledge and experience to test applications
How to Break & FIX Web Applications
A five-day class that focuses on the web as the Internet's killer application. Web servers are the target of choice for hackers, with 97% of all web applications vulnerable. This class explores a model for web application testing as well as web application concerns, including accountability, availability, confidentiality and integrity.
How to Break & FIX Software
A two-day hands-on workshop that introduces you to "how to break software," a 17-step methodology to effectively and efficiently test software. This workshop is presented in an "interwoven" format where each topic has a hands-on component so that students can explore the testing techniques and software tools using real software.
Q/SSH® Qualified/ Software Security Hacker/ Defender
A five-day class that provides examples of security breaches, current day exploits, and vulnerabilities of real software code. Case studies illustrate the broad range of threats that organizations face from both external attackers as well as insiders. The class reviews underlying flaws, exploits, vulnerabilities, consequences, and mitigation techniques for each attack scenario.
Introduction to Reverse Engineering
A class designed to provide software testers and developers the skills to break even the most secure applications. As an introduction, the course lays the foundation for acquiring the skills that when collectively applied are known as reverse engineering. The course covers the complimentary techniques of static and dynamic analysis and how together they can be used to identify vulnerable hot spots in applications.
|
