Dates: To be advised
Level: Intermediate
Time: 9am to 5pm
Venue: Online via ZOOM
With rising risks and ever-evolving cyber threats that constantly pressure organisations, enterprises and government institutions, it is important to ensure that we build and configure our IT systems and devices with security in mind right from the start. This is where this course will enlighten you on what secure software development entails.
By the end of the course, participants will be aware of the secure software development process, the various development methodologies and generally-accepted principles and guidelines for software security.
Topics
- Elicit Security Requirements
a. UML-Misuse Case Modelling
b. Threat Modelling
c. Analyse Security Requirements
d. Cost-Benefit Analysis - Design for Security
a. Threat Modelling
b. Design Patterns
c. Secure Design Patterns
d. Attack Surface Analysis / Reduction
e. Secure Design Principles
f. Cost-Benefit Analysis - Implementation
a. Coding and secure Code Inspection
b. Validation - Discovery of Security Vulnerability and Risks
a. OWASP
b. Common Vulnerabilities and Exposures
c. Tools for discovery - Corrective Security Actions
- Security Challenges in Agile
- Secure Development Models
a. Secure Software Development Model (SSDM)
b. The STRIDE Threat Model (Microsoft)
c. Open SAMM (OWASP) - Quiz
Francis Mahendran has over 25 years of experience in the IT industry. He has a Masters in Software Engineering from the National University of Singapore (NUS) and a Specialist diploma in IT Security from Nanyang Polytechnic. He is a certified Six Sigma Green Belt (Motorola), Certified Information Systems Auditor (CISA), Certified SCRUM Master (CSM) and also a Certified Software Quality Analyst (CSQA). His key specializations are IT Governance, Process & Quality Assurance, Secure Software Development, Cybersecurity, Cloud Migration Process, Quality Management Frameworks (CMMI, ITIL, ISO 27000), assessments and audits. Francis has led Motorola Software Centre, Singapore to CMMI Level 5 certification in 2005.
Francis Mahendran was the lead architect of the Motorola Secure Software Development Model (MSSDM). Francis was instrumental in creating the MSSDM and also deploying the model across all Motorola Software Centres globally. MSSDM was presented at the Software Engineering Institute’s CMMI conference, 2006 (Nashville) and in 2007 (Texas).
Francis lectures at various Universities and polytechnics. He is an adjunct lecturer at SUSS.
His areas of training and lecturing include, Secure Software Development Model, Cybersecurity, QA for SCRUM, Project Management using Agile, SCRUM Metrics and burndown analysis, Auditing agile, Cloud Migration, Data Analytics, Business Information Technology, Computer Architecture and Operating Systems.
Application Procedures
Please submit the following documents to cet@suss.edu.sg:
- Coloured copy (back and front) of NRIC for Singaporeans and PRs, or "Employment"/"S" Pass for foreign applicant
- Application form
1 Mid-Career Enhanced Subsidy: Singaporeans aged 40 and above may enjoy subsidies up to 90% of the course fees.
2 Enhanced Training Support for SMEs: SME-sponsored employees (Singaporean Citizens and PRs) aged 21 and above may enjoy subsidies up to 90% of the course fees.
- Participants are required to achieve at least 75% attendance and pass any prescribed examinations/assessments or submit any course/project work (if any) under the course requirement.
- Participants are required to complete all surveys and feedbacks related to the course.
- The course fees are reviewed annually and may be revised. The University reserves the right to adjust the course fees without prior notice.
- Singapore University of Social Sciences reserves the right to amend and/or revise the above schedule without prior notice.
For clarification, please contact the SUSS Academy via the following:
Telephone: +65 6248 0263
Email:
CET@suss.edu.sg