Explore essential application security concepts as you study for the first domain in the Certified Secure Software Lifecycle Professional (CSSLP) exam: Secure Software Concepts.
Overview
Syllabus
Introduction
- Building secure software
- What you should know
- The goals of application security
- Confidentiality
- Integrity
- Availability
- Authentication
- Authorization
- Accountability
- Nonrepudiation
- Least privilege
- Separation of duties
- Economy of mechanism
- Complete mediation
- Defense in depth
- Resiliency
- Open design
- Least common mechanism
- Psychological acceptability
- Leveraging existing components
- Eliminate single point of failure
- Diversity of defense
- Next steps
Taught by
Jerod Brennen