Free Developer Security Training: Developer Essentials
Are you concerned about software security? Could your organisation be hurt by cyber-theft; could your customers suffer privacy leaks that would cause you huge fines, embarrassment or damage; or could rival organisations gain a march on you through digital stealth attacks?
If you work with software development teams, however professional they may be it's quite likely they may need support to change their ways of working to deal with these new security threats.
Security Lancaster now offers a ‘security package’ to empower a software development team to deliver cyber-secure software. We call it ‘Developer Essentials’.
It takes less than half a day of workshops to get a team’s leaders, programmers and testers more adept at software security. It also empowers one or two of the team to lead the workshops themselves in future. We’ve had success with several teams in small-to-medium sized companies, have improved the package accordingly, and will be improving the package further in cooperation with six further teams.
Interested? Please call Charles Weir on 07876 027350. Or read on...
The Training
We work with a suitable person from your own organisation, and support them in facilitating a series of workshop sessions. The sessions are as follows:
Introductory lecture, half-hour, outlining the techniques and the process (by ourselves).
- The 'Agile security game', an interactive workshop session to sensitise developers to the nature of typical attacks and the trade-offs around mitigations
- Threat assessment ('threat modelling') session around an active project in which the developers are involved
- Threat discussion session, based on the threats defined in the threat assessment
Following this session we normally have two or three one hour follow-up sessions – typically by videoconference - with the key participants over the next three months.
Research Implications
For research purposes, we also request the following. Those who have taken part tell us it helps consolidate their learning:
- A half hour introductory interview with four or five key participants before the sessions, and
- A half-hour exit interview with, as far as possible, the same participants following the end of the three month involvement
These interviews help us improve the techniques for you and others to use in future.
Costs and Confidentiality
We are happy to offer commercial levels of confidentiality, and anonymity.
Staff costs are paid for by the university, as part of our research.
Next Steps
To sign up while places are still available, please email Charles Weir now or call him on 07876 027350.