Secure Software Development Lifecycle Training Program

Secure Software Development Lifecycle Training Program

The secure software development lifecycle training program is a training program developed by CDAC Hyderabad and IIT Bhilai with support from Ministry of Electronics and Information Technology. The training program is designed for developers, team leads, managers and educators to enable them incorporate security in every aspect of software development lifecycle approach. The program aligns with the "shift-left security approach" adopted widely in the industry.


Format of the Program

The program is divided into following two separate parts.

  1. 1. Training Program

    The training programs are conducted almost every month as the present one. Participants attending the training program and submit the completed the lab exercises and assignments will be considered to have completed the training program. Participants who have completed the training program will be given a "Training Participation Certificate".

  2. 2. Certification Examination

    A certification examination (NOT included in the training program) would conducted by CDAC Hyderabad and IIT Bhilai on designated day and location periodically. The examination, based on the content of the training program will have pass criteria of attaining minimum 65% (with 30% weightage for assignments and case study and 70% weightage for certification examination). Participants who register, appear and pass the certification examination will be given a "SSDLCP Certified Professional Certificate".

Target Audience

The program is targeted towards developers, team leads, managers and educators who are well-versed in the software development lifecycle phases. Participants having a minimum of one year working experience in software development are preferred for nominations and having knowledge in the following programming languages HTML, JavaScript, and Python programming are desirable.

Important Dates

  • Registration Open: February 1, 2025 09:00 am
  • Registration Deadline (along with payment): February 14, 2025 05:30 pm
  • Training Program Start: February 24, 2025 09:30 am
  • Training Program End: February 28, 2025 05:30 pm

Registration

Registration for the training program may be done by individual participants or bulk registration by an organisation for its employees.


Registration Fees

The training program fee is Rs 5000/- (excluding taxes) per participants and is non-refundable. The training program fee has to be paid as per the below particulars.

Name of the Organization Centre for Development of Advanced Computing(C-DAC)
Bank Name Bank of India
Branch Shamshabad, Hyderabad
Account Number 566310110004393
IFSC Code BKID0005663

The registration fee includes the following.

  • + 40 hours training program with hands-on
  • + Online access to course material and virtual lab environment for 3-6 months
  • + Lunch, tea and snacks for the five days of training program

Registration Links

Registraion can be performed by filling one of the following forms

Important Note

A registration is not considered complete untill registration fees is payed and filled in the form. If you have performed registration before payment of registration fees, the relevant information of payment (like Transaction reference and/or screenshot) can be submitted by editing the response previously submitted or by mailing the information to Dr. Amit Kumar Dhar, IIT Bhilai.

Training Program Schedule

The training program covers a wide variety of topics in SSDLC through lectures as well as hands-on practices. Participants may bring their own laptop for the hands-on sessions. The program is spread over 5 days with 8 contact hours per day.

Date Session I Session II Session III Session IV
24-02-2025 Introduction to Secure SDLC
(Topics 1-4)
Secure Software Requirements
(Topics 1-3)
Secure Software Requirements
(Lab)
Secure Software Design Considerations and Principles
(Topics 1-3)
25-02-2025 Secure Software Design Considerations and Principles
(Topics 4-7)
Secure Software Design Considerations and Principles
(Topics 4-7)
Secure Software Design Considerations and Principles
(Lab)
Secure Software Design Considerations and Principles
(Topics 8, Lab)
26-02-2025 Secure Software Implementation
(Topics 1,3,5)
Secure Software Implementation
(Lab)
Secure Software Implementation
(Topics 2,4)
Secure Software Implementation
(Lab)
27-02-2025 Secure Software Implementation
(Topics 6,7,9)
Secure Software Implementation
(Lab)
Secure Software Implementation
(Topics 8,10-12)
Secure Software Implementation
(Topics 13-17)
28-02-2025 Operations and Maintenance
(Topics 1,2)
Operations and Maintenance
(Lab)
Security Testing
(Topics 1,2)
Doubt Clarification

List of Topics

Introduction to Secure Software Development LifeCycle
  • Topic 1: Need for Secure SDLC
  • Topic 2: CIAAA
  • Topic 3: Defence in Depth and Resiliency
  • Topic 4: Cryptography and Security Metrics
Secure Software Requirements
  • Topic 0: Understand Sample Project Scenario
  • Topic 1: Define Security Requirements
  • Topic 2: Data Classification and Privacy Requirements
  • Topic 3: Security Requirements Traceability Matrix
Secure Software Design Considerations and Principles
  • Topic 1: Secure Software Design Considerations
  • Topic 2: Secure Software Architecture Principles
  • Topic 3: Secure Software Design Principles
  • Topic 4: Secure Design with Cloud (A Case Study)
  • Topic 5: Threat Analysis and Attack Surface Evaluation
  • Topic 6: Risk Assessment
  • Topic 7: Threat Modelling Methodologies
  • Topic 8: Software Composition Analysis
Secure Software Implementation
  • Topic 1: Secure Software Development Standards
  • Topic 2: Secure Coding Guidelines C++
  • Topic 3: Secure Coding Guidelines JavaScript
  • Topic 4: Secure Coding Guidelines Java
  • Topic 5: Secure Coding Guidelines Python
  • Topic 6: Client Server Architecture and HTTP
  • Topic 7: OWASP Top 10 Security Vulnerabilities
  • Topic 8: Web Security Configuration
  • Topic 9: Web Application Firewall (WAF)
  • Topic 10: OWASP AppSensor
  • Topic 11: REST API Security
  • Topic 12: Code Review (SAST&DAST)
  • Topic 13: Docker Architecture
  • Topic 14: Docker Commands
  • Topic 15: Docker Swarm Network
  • Topic 16: Building Docker Images
  • Topic 17: Docker Security
Security Testing
  • Topic 1: Security Goals, Objectives and Measures
  • Topic 2: Develop Security Test Cases Security Metrics
Operations and Maintenance
  • Topic 1: Continuous Integration/Continuous Deployment Tools
  • Topic 2: Secure Storage

Contact

For more information, accomodation and any query please reach out to Dr. Amit Kumar Dhar (amitkdhar@iitbhilai.ac.in)

Credits

Course Content Developed by



Supported by

Venue

Department of Computer Science and Engineering,
Agastya (ED 1) Building,
Indian Institute of Technology Bhilai,
Kutelabhata, Durg 491001.