From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Unlock the full course today
Join today to access over 24,500 courses taught by industry experts.
Security in the acquisition process
From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Security in the acquisition process
- [Instructor] During the software acquisition process, you'll rely on documentation provided by your supplier that helps you better understand their security posture. There are a few key documents and procedures that you'll want to request from your supplier. Your organization is likely to have multiple security policies around application development, especially after you take all the knowledge you've learned while studying for your CSSLP and start writing it down. The same holds true for any third parties who are developing software or software components that you intend to acquire. You may not have the same visibility into your supplier's organizations as you do your own, but you'll still want to validate that they're following their own internal policies. What I'm talking about here is different from a web application vulnerability scan report. Your interested in whether or not they follow secure software development practices and whether those practices are based on documented…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Secure architecture and design patterns3m 43s
-
(Locked)
Identifying and prioritizing controls6m 15s
-
(Locked)
Traditional application architectures7m 23s
-
(Locked)
Pervasive and ubiquitous computing6m 43s
-
(Locked)
Rich internet and mobile applications7m 9s
-
(Locked)
Cloud architectures7m 8s
-
(Locked)
Embedded system considerations8m 45s
-
(Locked)
Architectural risk assessments6m 59s
-
(Locked)
Component-based systems5m 2s
-
(Locked)
Security enhancing tools4m 8s
-
(Locked)
Cognitive computing4m 37s
-
(Locked)
Control systems8m 34s
-
(Locked)
-
-
(Locked)
Components of a secure environment8m 25s
-
(Locked)
Designing network and server controls4m 22s
-
(Locked)
Designing data controls6m 25s
-
(Locked)
Secure design principles and patterns5m 6s
-
(Locked)
Secure interface design6m 49s
-
(Locked)
Security architecture and design review3m 6s
-
(Locked)
Secure operational architecture3m 37s
-
(Locked)