Microsoft SDL Core Training

The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process.

Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code.

Audience

§ Project Managers

§ Software Developers

§ Architects

§ Testers

Course Objectives

Participants attending this course will:

§ Understand basic concepts of security, IT security and secure coding

§ Get known to the essential steps of Microsoft Secure Development Lifecycle

§ Learn secure design and development practices

§ Learn about secure implementation principles

§ Understand security testing methodology

§ Get sources and further readings on secure coding practices

Prerequisites

Basic software development

Outline

§ IT security and secure coding

§ Introduction to the Microsoft® Security Development Lifecycle (SDL)

§ Secure design principles

§ Secure implementation principles

§ Secure verification principles

§ Knowledge sources