Secure Software Design Course Overview

This document is a course outline for Secure Software Design, aimed at Developers and Software Architects seeking to understand secure software architecture practices. It details the integration of secure design principles throughout the software development lifecycle, emphasizing key areas such as least privilege, modular programming, and separation of duties. The course covers essential topics including threat modeling, attack surface analysis, and risk management strategies. It also addresses data security, cryptography, privacy techniques, and access controls, focusing on the principles of confidentiality, integrity, and availability. Additionally, the course reviews security standards such as NIST, OWASP, ISO/IEC 27001, and PCI DSS, providing a framework for a robust security strategy. The course is designed to prepare participants for CSSLP certification and recommends prior completion of AppSec Fundamentals and Secure Software Requirements.