Implementation of Control A 8.29 Security Testing in Development and Acceptance
This competency provides a thorough overview of security testing processes. It covers defining test requirements, methodologies, secure coding practices, code reviews, vulnerability assessments, and integrating testing with outsourced development. Participants will also learn how to implement and audit security testing as per ISO/IEC 27001 standards, ensuring robust software security.
5 Trainers
About
Course Overview:
This competency focuses on security testing within software development. Participants will learn the fundamentals of security testing, including secure coding practices, code reviews, vulnerability scanning, and penetration testing. The course covers both automated and manual testing methodologies, as well as testing in outsourced development environments, all while ensuring compliance with ISO/IEC 27001.
What You'll Learn:
Defining security testing processes and requirements
Methodologies for testing security functions and secure coding practices
Conducting code reviews, vulnerability scanning, and penetration testing
Implementing and auditing security testing in outsourced development environments
Aligning security testing practices with ISO/IEC 27001 for robust compliance and auditing
Leveraging automated testing tools and techniques for efficiency
Who Should Take This Course?
This course is perfect for:
Cybersecurity professionals
Software developers and engineers
IT auditors and compliance officers
Penetration testers and vulnerability assessors
Risk managers and business leaders overseeing secure development processes
What You'll Get:
A certification of completion
Knowledge of security testing practices and methodologies
Hands-on experience with testing tools and procedures
Access to a community of cybersecurity and software development professionals
Access to course materials in multiple languages
Module 1
Defining Security Testing Processes
Introduction to Security Testing (15 mins)
Security Testing Requirements (16 mins)
Developing Effective Test Plans (15 mins)
Leveraging Automated Tools (15 mins)
Module 2
Testing Methodologies
Testing Security Functions (15 mins)
Secure Coding Practices (15 mins)
Secure Configurations Testing (14 mins)
Automated and Manual Testing Integration (15 mins)
Languages Available: Spanish, English, German, French
Exam
Certificate upon completion of the course
Tags
Implementation of Control A 8.29
Security Testing
Development and Acceptance
Secure Coding
Vulnerability Assessment
Penetration Testing
ISO/IEC 27001 Compliance
About the Trainer
Kevin Kamanga
Cybersecurity Project Manager and ISMS Auditor
Kevin Kamanga is a Project Manager and ISMS Auditor with a strong foundation in human resources and IT. A JKUAT graduate, he is skilled in Network Administration, DNS, and Network Security. Kevin holds numerous certifications, including Fortinet FortiGate Administrator, Fortinet Certified Associate in Cybersecurity, Lead Cybersecurity Manager (PECB), PRINCE2 Practitioner, and Cisco Certified Network Professional (CCNP) Enterprise. His expertise spans cybersecurity, project management, and digital transformation, making him a valuable asset in enhancing organizational security and operational efficiency.