This unit covers in depth the principles of developing software in a secure manner with a focus on: software development requirement analysis, design, implementation, testing, and deployment. Students will have an opportunity to explore the issues related to secure software development from a management perspective. Software security touch points will also be explored and students will be equipped with the skills to perform architectural security risk analyses for enterprise level applications. Software security metrics and how they meet the security operations will also be addressed. This unit covers the software development security domains of the Certified Information Systems Security Professional (CISSP) certification.
PRESCRIBED TEXT - THE WEB APPLICATION HACKER'S HANDBOOK: FINDING AND EXPLOITING SECURITY FLAWS