Secure Software Development Life Cycle (SDLC)

The Secure SDLC learning path is a step-by-step approach to integrate the security controls into your software or system development life cycle. You will learn how to use each phase to develop or establish both proactive and reactive security controls across your organization. You can also learn about various tools, techniques and best practices to achieve your organizational goals.

9 courses  //   9 videos  //   7 hours of training

Free training week — 1,400+ on-demand courses and hands-on labs

Secure SDLC training

This learning path teaches you the necessary Secure SDLC concepts to become an expert and educate the users or employees in your organization. Though we have different teams like Blue, Red and Purple involved in managing the security, these nine courses teach about how security is everyone’s responsibility. We’ll also look at how each phase of the SDLC moves into the next phase, with security awareness training moving into secure requirements and more.

Learning path components

Secure SDLC Assessment
Assessment
Secure SDLC Assessment

Secure SDLC Assessment

See how your secure SDLC skills stack up against other professionals in your field.

Number of questions: 20

Secure SDLC Project
Practice Exam
Secure SDLC Project

Secure SDLC Project

In exercise 1, you'll download the Microsoft Threat Modeling Tool to practice a threat modeling approach. Exercise 2 focuses on using static application security testing using VCG (VisualCodeGrepper) and explores how to uncover the vulnerabilities in the source code (Java with Spring framework). Exercises 3 and 4 focus on white-box security testing and requires both automated tool-based analysis and manual analysis to explore the code in order to confirm the flaws that are possible in the web application.

Number of questions: 4

Introduction to SDLC
Course
Introduction to SDLC

Introduction to SDLC

In this course, you'll be introduced to Secure SDLC, a framework to establish system development by integrating security.

1 video
24 minutes of training

Security Awareness Training
Course
Security Awareness Training

Security Awareness Training

Security awareness training is an education process that teaches employees and users about cybersecurity, IT best practices and even regulatory compliance.

1 video
62 minutes of training

Secure Requirements
Course
Secure Requirements

Secure Requirements

Secure requirements are security features required by system users or a quality the system must have to increase the user's trust.

1 video
35 minutes of training

Secure Design
Course
Secure Design

Secure Design

Secure design applies to individual features that can correspond to their respective secure requirements.

1 video
120 minutes of training

Secure Build
Course
Secure Build

Secure Build

Secure build is a practice to apply the secure requirements and design to the software or system development.

1 video
39 minutes of training

Secure Deploy
Course
Secure Deploy

Secure Deploy

Secure deploy is for the purpose of formalizing and automating the deployment process in a secure way.

1 video
39 minutes of training

Secure Validation
Course
Secure Validation

Secure Validation

Secure validation is testing with a hacker's perspective to check whether the security controls are in place.

1 video
37 minutes of training

Secure Response
Course
Secure Response

Secure Response

Secure response is a structured methodology for handling security incidents, breaches and cyber threats.

1 video
34 minutes of training

Collaborative Model
Course
Collaborative Model

Collaborative Model

Collaboration is an approach that applies to a wide variety of systems.

1 video
25 minutes of training

 

What you’ll learn.

  • Secure SDLC framework
  • Overview of security awareness programs
  • Requirements to support security and privacy
  • How to design, build and deploy software to reduce risks
  • Techniques to test and validate software security
  • How to respond to security incidents during the code’s lifecycle

Who is this for?

  • Developers
  • Project managers
  • Anyone who wants to learn about secure software development

Meet the author

John Prathab

John Prathab has a master's degree in software engineering and more than a decade of experience in IT, with 12 years in application security and three years in software development.

His primary responsibilities are in Secure SDLC, including but not limited to threat modeling, secure DevOps, web application firewalls, static and dynamic application security testing, RASP, pentesting and red teaming in order to safeguard information and hold people accountable for security. He's interested in active learning, innovation and mentorship and is certified in ethical hacking, computer hacking and forensic investigation. He holds SANS GMOB and Data Virtualization Architect certificates.

Plans & pricing

Infosec Skills Personal

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training that you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers

Infosec

SC Media names Infosec Skills Best IT Security Training

See for yourself why Infosec Skills leads the cybersecurity training industry.