The courses below were all published in 2015 or earlier. While we stand by pubishing them then, we’ve grown so much since. We recognize that these workshops don’t exactly meet our standards, as we understand them today.
All classes are available within our premium membership, and have adjusted CPE awards to reflect their respective contents. If you join, please keep in mind that some of the information inside might be outdated or not relevant. We’ll be adding notes at the beginning of each course to let you know what’s worth checking out in each!
The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription
- The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
- There are no deadlines, except for the ones you set for yourself.
Certificate of completion, no CPE credits
Module 1: The Basics of Software Security
- Types of Software
- What is Security Software?
- Secure Coding of Software
Module 2: Types of Software Security Testing
- Software Security Testing
- Core Values
- Front End Testing (FET)
- End-to-End Testing (E2E)
- Main Code Testing (MCoT)
- Black Box Method
- Security Code Review Tools
Module 3: Source Code Review Tools & Techniques
1. Why do we need tools?
2. Leading Source Code Review Tools
- IBM Rational Software
- Veracode SAST
- Secure Coding Validation Suite by CERT
- Microsoft CAT.NET
Module 4: Demo Code Review
- What is Flawfinder?
- How does it work?
- Practicing Flawfinder
Module 5: Security in Software Development Lifecycle
- Security in software Development
- What is security in the software development lifecycle?
- Industry Facts
If you have any questions, please contact our eLearning Manager at [email protected].
I was hoping deeper information but I think it’s a good introduction to be able to go further, the problem is presented and then each steps is then exposed.
Irwan Kurnawan Amat Sapuan –
Topic covered are not detailed in technical
[email protected] –
Content was good just not in depth enough. It was a good intro for someone not playing in this space to dig deeper.
There is a good Secure Source Code Review tool called Checkmarx CxAudit which is really good but not covered. Similarly for Armorize.
More coverage and examples could make the course better.
This course is a nice primer for people getting into security.
For security experts that are already familiar with SDL this is fine a fast review.