ENG 211 - How to Create Application Security Design Requirements
Course Details
Course Number: ENG 211
Course Duration: 15 minutes
Course CPE Credits: .3
NICE Specialty Areas
Related Learning Paths
- .NET Developer
- Android Developer
- Web Developer
- C# Developer
- Cloud Developer
- C++ Developer
- HTML5 Developer
- Back-End Developer
- Core Developer
- Front-End Developer
- iOS Developer
- C Developer
- IoT & Embedded Developer
- JavaScript Developer
- Microsoft SDL Developer
- Mobile Developer
- Node.js Developer
- PCI Developer
- PHP Developer
- Python Developer
- Ruby on Rails Developer
- Swift Developer
- Java Developer
- Engineer
- Q/A Test Engineer
- Embedded Test Engineer
- Ethical Hacker
- IT Architect
- Software Architect
- Business Analyst
- Systems Analyst
- Database Administrator
- Development Manager
- Product Owner
- Project Manager
- Information Security Specialist
- Application Security Champion
Related Subject Matter
Foreign Languages Available:
- English
Course Overview
To preserve the confidentiality, integrity, and availability of application data, software applications must be engineered with security in mind. Without defined security requirements, design choices will be made without security guidance and security testing cannot be effective.
This course provides technical and non-technical personnel with the knowledge to understand, create, and articulate security requirements as part of a software requirement document.
Topics include:
- Applying the application security maturity (ASM) model to the development process
- Key security engineering activities: gathering security objectives, applying security design guidelines, and creating threat models
- Identifying threats, attacks, vulnerabilities, and countermeasures
- How to conduct impactful security architecture and design reviews to identify potential security problems and minimize the application’s attack surface.