Free Secure Software Support: Developer Essentials

Security Lancaster now offers a ‘security package’ to empower a software development team to deliver cyber-secure software. We call it ‘Developer Essentials’.

 

It takes less than half a day of workshops to get a team’s leaders, programmers and testers more adept at software security. It also empowers one or two of the team to lead the workshops themselves in future. We’ve had success with several teams in small-to-medium sized companies, have improved the package accordingly, and will be improving the package further in cooperation with six further teams. 

Interested? Please call Charles Weir on 07876 027350. Or read on...

The Training

We work with a suitable person from your own organisation, and support them in facilitating a series of workshop sessions. The sessions are as follows:

Introductory lecture, half-hour, outlining the techniques and the process (by ourselves).

  • The 'Agile security game', an interactive workshop session to sensitise developers to the nature of typical attacks and the trade-offs around mitigations
  • Threat assessment ('threat modelling') session around an active project in which the developers are involved
  • Threat discussion session, based on the threats defined in the threat assessment

Following this session we normally have two or three one hour follow-up sessions – typically by videoconference - with the key participants over the next three months.

Research Implications

For research purposes, we also request the following. Those who have taken part tell us it helps consolidate their learning:

  1. A half hour introductory interview with four or five key participants before the sessions, and
  2. A half-hour exit interview with, as far as possible, the same participants following the end of the three month involvement

The interviews help us to provide an objective assessment of the approach and its effectiveness, and hence to improve it for future use.

Costs and Confidentiality

We are happy to offer commercial levels of confidentiality, and anonymity.  

 

Expenses are paid for by the university, as part of our research.

Next Steps

To sign up while places are still available, please email Charles Weir now or call him on 07876 027350.