Secure development, S-SDLC, built-in security & privacy, ethical hacking

Introductory topics in cyber security, secure development and ethical hacking: the topics needed to create a self-supporting internal Secure Software Development LifeCycle (S-SDLC) and a functional Information Security Management System (ISMS).

Security Training

Educating your developers and security resources is essential in order to build successful S-SDLC and ISMS programs. We encourage you to start small and give a common introduction to information security, cyber security, ethical hacking and cyber risk. This gives a common knowledge base that you can build on internally, and it enables your resources to specialize further in individual topics with security training specialists, such as SANS.

We cover security training in live classroom sessions. Security training material is created after discussions with the company regarding your needs.

Security training is meant to cover the security training requirements set out by the company’s ISMS and S-SDLC.

Our philosophy is that training shall be simple, to the point, but detailed enough that participants are prepared for specialization and can perform basic secure development functions in-house.

Our goal is to train internal resources to be able to cover the basic security functions and services needed to have a functional S-SDLC & DevSecOps process. This enables the company to find security issues in the “low-hanging fruit” category itself. That saves costs, and it also gets more value out of professional ethical hacking and red team services, as they spend their time finding more advanced security issues. (Note: such services are not provided by CISO Services, but our partners provide them.)

How? We create custom course content based on your company’s needs, to support your Security Strategy and goals.

Example key deliveries:

  • Information Security awareness
  • Introduction to Secure Development
  • Introduction to OWASP top 10
  • Introduction to ethical hacking
  • Introduction to security incident management
  • Setting up an Internal Bug Bounty program
  • Threat updates

Contact CISO Services