Secure IoT Development Lifecycle

Location

Remotely

On-site

Audience

Developers, Testers

Language: English

Duration

24 hours over 6 days

Overview

All topics are presented for a small group audience (max 15 persons) in a remote fashion. On-site training is available upon request. The trainers have prepared interactive examples and exercises for the audience for topics where possible (TARA creation, security testing, fuzzing).

What you'll learn

Threat Analysis and Risk Assessment

Workflow

Item Definition

STRIDE

Attack Path Analysis

Risk Rating

Mitigation Strategies

Secure Development Lifecycle

Defense in Depth - Security Requirements

Secure by Design - Security Architectural Design

Secure Implementation - Secure, Defensive Coding

Security Testing

Secure Deployment and Maintenance

Post-Market Concepts

Penetration Testing

Hacking History and Common Pitfalls

Functional vs. Security Testing

Interface/Protocol Analysis

Debugging/Diagnostic Pitfalls and Evaluations

Secure Communication

Attack Methods: code analysis, side channel analysis, fault injection

Fuzzing

History

Fuzzing explained: input generation, monitoring, bug oracles, remediation proof

Example fuzzers

Grow these skills

Secure Development Lifecycle

Cybersecurity Threat Analysis and Risk Assessment

Penetration Testing

Fuzzing

Cybersecurity Awareness

Risk Analysis and handling

Interested in this training for your team or business?

Secure IoT Development Lifecycle

Location

Remotely

On-site

Audience

Developers, Testers

Language: English

Duration

24 hours over 6 days

Overview

What you'll learn

Threat Analysis and Risk Assessment

Workflow

Item Definition

STRIDE

Attack Path Analysis

Risk Rating

Mitigation Strategies

Secure Development Lifecycle

Defense in Depth - Security Requirements

Secure by Design - Security Architectural Design

Secure Implementation - Secure, Defensive Coding

Security Testing

Secure Deployment and Maintenance

Post-Market Concepts

Penetration Testing

Hacking History and Common Pitfalls

Functional vs. Security Testing

Interface/Protocol Analysis

Debugging/Diagnostic Pitfalls and Evaluations

Secure Communication

Attack Methods: code analysis, side channel analysis, fault injection

Fuzzing

History

Fuzzing explained: input generation, monitoring, bug oracles, remediation proof

Example fuzzers

Grow these skills

Secure Development Lifecycle

Cybersecurity Threat Analysis and Risk Assessment

Penetration Testing

Fuzzing

Cybersecurity Awareness

Risk Analysis and handling

Interested in this training for your team or business?

The Brightsight Bulletin