SC460: Secure Architecture and Design

Training: Security - Software Development

Software developers and software and cloud architects receive a practical introduction to Secure Architecture and Design. The course covers best practices for secure application architectures and methods to reduce the attack surface. It addresses threat perspectives, threat modeling for identifying vulnerabilities, as well as exercises to apply and reinforce security measures in a targeted manner.

Hybrid training

Start: 2025-10-13 | 10:00 am

End: 2025-10-17 | 01:30 pm

Location: Nürnberg

Price: 3.450,00 € plus VAT.


Agenda:

  • Security design principles – Introduction, application and measurability
  • Trust / Trust principles
    • "Never trust the Client"
    • "Zero trust"
    • "Trusted 3rd party"

  • Secure design - Authentication
    • Secure identifiers / Identities
    • Password-Based authentication
    • Secure implementation of cryptographic methods
    • Kerckhoffs's principle

  • Secure design principles: Authorization
    • "Segregation of duties"
    • "Least privilege"
    • "Avoid broadly generic functions"
    • "Authorize close to the source"
    • "Extension of Kerckhoffs's principle"

  • Additional principles overview
    • "Do not be chatty"
    • "Encrypt high"
    • "Decrease visibility"

  • Secure Design – Input / Output / Communication
    • "Input validation"
    • "Output validation"
    • "Black-Listing / White-Listing"
    • "Do not interpret – discard"
    • "Intercept – do not process"
    • "Don't call me – I call you!"
    • "Resilient design"

  • Secure Design – "Miscellaneous"
    • "Visibility"
    • "Default is tight"
    • "Fail safe"
    • "Double book-keeping"
    • "No filesystem"

  • Threat modelling
    • Introduction, application, history, fundamentals

  • Threat modelling methods
    • Misuse-Cases
    • Attack-Trees
    • STRIDE
    • EoP-Card-Game
    • Tools
    • Application-Level-Threat-Modelling

  • Vulnerabilities and practical exercise
    • Identity management
    • Authentication
    • Authorization

  • Vulnerabilities
    • Communication
    • Memory
    • Input-Attacks
    • Attacks by privileged users
    • Attack detection
    • Traceability
    • Attacks via infrastructure
    • Data protection
    • Open-Source-Security
    • Attacks on software lifecycle
    • Attacks on cryptography
    • Attacks on error situations

  • Vulnerability assessment
    • Attack vector
    • CVSS
    • Risk assessment

  • Conducting and documenting workshops

  • Workshop facilitation

  • Final exercise
    • Threat modelling
    • Risk assessment of findings
    • Analyze secure design measures

  • Many practical exercises for individual modules

Objectives:

The training SC460 Secure Architecture and Design has the following course objectives:

  • Knowledge and application of common security design principles
  • Skills to conduct a threat modeling workshop
  • Knowledge of common design vulnerabilities and their remediation

Target audience:

The training SC460 Secure Architecture and Design is ideally suited for:

  • Software Developers
  • Software Architects
  • Cloud Architects

Prerequisites:

To follow the course content and learning pace of the workshop SC460 Secure Architecture and Design effectively, you should meet the following prerequisites:

  • basic IT knowledge
  • basic IT security terminology

Description:

The world is changing at a rapid pace, and with it the demand for new technologies. This also increases the risk of digital threats and raises the importance of cybersecurity. Organizations and enterprises require a variety of complex systems and measures to ensure the protection and security of large data volumes and critical assets. Outdated and incomplete security architecture makes companies targets for internal and external hacker attacks. For this reason, architecture concepts must be developed in such a way that they provide the smallest possible attack surface. The workshop SC460 Secure Architecture and Design enables you to counteract such threats.

Secure Architecture and Design is a basic requirement to build a secure application. A secure architecture can be achieved through different approaches, either using a classic, somewhat "mechanical" method in which BSI™-Grundschutz is applied or alternatively through somewhat freer risk-based methods.

In this seminar, the focus is on two essential perspectives: In the Best Practice perspective, the application of generally recognized design principles is examined more closely. The threat perspective, in turn, makes clear what can go wrong. In this context, you will learn about Threat Modeling. With this very valuable conceptual analysis technique, potential vulnerabilities and risks can be identified early in the development of applications and required measures can be derived.

The course places special emphasis on practical applications by offering numerous exercises that enable participants to directly implement and consolidate their acquired knowledge.

The course is part of the "qSkills™ Secure Software Quadrant", consisting of:

Guaranteed to take place:

from 2 attendees

Booking information

Price:

3.450,00 € plus VAT.

(including lunch & drinks)

Exam (Optional):

100,00 € plus VAT.
