Skip Navigation Links
Register
About Us
Contact Us
Press Room
Join Our Mailing List
Why Choose SQE Training
SQE.com
SQETraining.Com
Skip Navigation Links

  Skip Navigation Links
Register for Training
 
 
 
  Skip Navigation Links
Build-Your-Own Training Week
Public Course List
Event Locations
Certification Training
eLearning
On-Site Training
Learning Paths
Brochure Request
What our Students are Saying
Instructors
 

eLearning
 

Free Seminar
 

Agile Training
 

Testing Training
 
 

Architecture Risk Analysis
 
  ARCHITECTURE RISK ANALYSIS
Threat and Ambiguity Analysis Lead to More Secure Software 		 
       
  1-Day Course  
  Contact us at onsitetraining@sqe.com for on-site pricing  
 
 
  This Course is Available for On-site Training  
 
 
 

Printer Friendly Page
 
 
 


 
 
 
 
This course:
  Teaches you the techniques and methodologies to model threats, trust, and data sensitivity
  Demonstrates how to build abuse cases
  Details the three analyses that make up architectural risk analysis as described in Gary McGraw’s book, Software Security: Attack Resistance Analysis, Ambiguity Analysis, and Weakness Analysis
  Shows you how to integrate Architectural Risk Analysis with the management of security knowledge in your organization

Course Description
Architecture Risk Analysis defines concepts, methods, and techniques for analyzing the architecture and design of a software system for security flaws. Special attention is given to analysis of security issues in existing applications; however, the principles and techniques are applicable to systems under development.

Objectives
After successfully completing this course, you will:
  Know how to use existing artifacts to construct an architectural view of software that can be used during security analysis
  Be able to model threats against an architectural view of a system to determine vectors of attack
  Be able to describe abuse cases and characterize attack patterns that can be used against the software
  Understand how to apply analysis techniques to identify security flaws in the software architecture
  Understand how to apply risk management to manage threats and design flaws
  Understand why “building security in” is the right approach for the business
  Gain a clear understanding of how software can be exploited in order to improve your software’s design to create secure code


Intended Audience
The material in this course is appropriate for software professionals including developers and architects, security personnel responsible for software and application security, and testing and QA professionals.

Prerequisites
This course is deeply technical and includes interactive design and analysis exercises. To derive the greatest benefit, attendees should have experience with the software development process. Familiarity with C, C++, or Java is a plus. Background knowledge of security is not required, but is highly recommended.

Instructors
This course is usually delivered by Scott Matsumoto. Also available to deliver this course are John Steven and Pravir Chandra.

 
 
 
 

 
© 2008, SQE Training
For more information, email sqeinfo@sqe.com.
See our Privacy Policy.		  

Who's Behind the Training?
SQE Training is affilated with Software Quality Engineering, the publisher of StickyMinds.com and Better Software magazine.