Learning Path

Secure SDLC

Learn best practices for integrating security controls into your software.

What you will learn

This learning path teaches you the necessary Secure SDLC concepts to become an expert and educate the users or employees in your organization. Though we have different teams like Blue, Red and Purple involved in managing the security, these nine courses teach about how security is everyone’s responsibility. We’ll also look at how each phase of the SDLC moves into the next phase, with security awareness training moving into secure requirements and more.

Wistia video thumbnail


Introduction to SDLC

Course — 00:23:45

K0005, K0039, K0165

In this course, you’ll be introduced to Secure SDLC, a framework to establish system development by integrating security.

Security Awareness Training

Course — 01:01:46

K0005, K0039, K0243

Security awareness training is an education process that teaches employees and users about cybersecurity, IT best practices and even regulatory compliance.

Secure Requirements

Course — 00:35:03

K0039, K0044, K0263, K0624

Secure requirements are security features required by system users or a quality the system must have to increase the user’s trust.

Secure Build

Course — 00:38:32

K0039, K0153

Secure build is a practice to apply the secure requirements and design to the software or system development.

Secure Validation

Course — 00:37:07

K0028, K0091, K0290

Secure validation is testing with a hacker’s perspective to check whether the security controls are in place.

Secure Deploy

Course — 00:38:32


Secure deploy is for the purpose of formalizing and automating the deployment process in a secure way.

Secure Response

Course — 00:34:15

K0039, K0042

Secure response is a structured methodology for handling security incidents, breaches and cyber threats.

Collaborative Model

Course — 00:25:28

K0039, K0198

Collaboration is an approach that applies to a wide variety of systems.

Secure Design

Course — 02:00:02

Secure design applies to individual features that can correspond to their respective secure requirements.

Secure SDLC Skill Assessment

Assessment — 52 questions — 00:26:00

Meet the author

John has 18 years of experience in IT and cybersecurity. Started as a software developer (Java) and shifted into the cybersecurity space with AppSec, SSDLC, DevSecOps, Cloud and Mobile Security, Security Architecture and Threat Modeling.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

You're in good company


We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus


This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson


We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client