+49 (911) 80 10 30

Give us a call or have us call you back!

Simply leave a message with your callback appointment

Your Name *

Your phone number *

Callback date *

Callback time *

Your request *

In order to process your request, it is necessary to process the data you provide. This means that by submitting the contact form, you consent to your data being processed (see Privacy Policy). You can object to the processing of your data at any time.

* All fields marked with an asterisk are mandatory fields.
Send a message

Your Name *

Your email *

Your phone number

Your request *

In order to process your request, it is necessary to process the data you provide. This means that by submitting the contact form, you consent to your data being processed (see Privacy Policy). You can object to the processing of your data at any time.*

* All fields marked with an asterisk are mandatory fields.
Social Media

Share page

SC470: Secure Development Principles

Training: Security - Software Development - Certifications

Software developers and architects learn the fundamentals of secure software development in a professional environment. The course covers business and threat modeling, risk treatment, as well as all components of the Secure Development Lifecycle, from requirements analysis and design to implementation, testing, and deployment. Numerous interactive practical examples deepen understanding and promote the active integration of participants’ own experiences.

Appointment selection

Appointments in German language (3)


Hybrid training	2026-02-02 \| 10:00 am	2026-02-05 \| 05:00 pm	Nürnberg
Hybrid training	2026-06-29 \| 10:00 am	2026-07-02 \| 05:00 pm	Nürnberg
Hybrid training	2026-11-16 \| 10:00 am	2026-11-19 \| 05:00 pm	Nürnberg

Possible course languages: German

Request prefered appointment period:

Your Name *

Your email *

Your phone number

Preferred period from *

Preferred period to *

Number of participants *

Your message

* All fields marked with an asterisk are mandatory fields.

Hybrid training

Start: 2026-02-02 | 10:00 am

End: 2026-02-05 | 05:00 pm

Location: Nürnberg

Price: 2.850,00 € plus VAT.

Hybrid training

Start: 2026-06-29 | 10:00 am

End: 2026-07-02 | 05:00 pm

Location: Nürnberg

Price: 2.850,00 € plus VAT.

Hybrid training

Start: 2026-11-16 | 10:00 am

End: 2026-11-19 | 05:00 pm

Location: Nürnberg

Price: 2.850,00 € plus VAT.

Request prefered appointment period:

Your Name *

Your email *

Your phone number

Preferred period from *

Preferred period to *

Number of participants *

Your message

* All fields marked with an asterisk are mandatory fields.

Agenda:

Introduction
- What is secure coding and what is it not
- Terminology and concept of training

Requirement gathering
- Business requirements (business area, processes, assets, etc.)
- Project requirements (code maturity, internal functionality requirements, budget, legal requirements, etc.)
- Threat model (protection goals, identification of attack vectors, risk management, mitigation strategies)

Secure design
- Secure Design Principles (bugchains, security by design, Viega's and Graw's Principle)
- Robust Architecture (application components, the dependency rule, service mesh)
- Robust Technology Design (development considerations, supply chain considerations)

Secure implementation
- OWASP Top 10, CWE, best practices
- Authentication (identification & authentication, broken access control)
- Processing (input parsing, injection)
- Storage (software & data integrity, cryptographic failures, logging & monitoring failures)

Testing
- Automated testing (test cases, test setups, tools)
- Penetration testing (concept, methods, tools)
- Chaos engineering (concept, resilience, case study)

Deployment & maintenance
- Launch (release strategies, hypercare)
- Longterm support (change management, feature requests, future proof)
- Disaster recovery (backups, supply chain, business continuity)

Learning progress review / exam

Objectives:

The SC470 Secure Development Principles course provides:

Identify vulnerabilities in concepts and architectures
Identify business critical assets
Develop and describe attack vectors

Target audience:

The SC470 Secure Development Principles training is ideal for:

Software project managers / product owners
Business analysts / requirements engineers
IT consultants
Junior software/cloud architects
Junior software developers

Prerequisites:

In order to be able to follow the course content and pace of learning in the SC470 Secure Development Principles workshop, professional experience in software development is helpful. Programming knowledge is not a prerequisite.

Description:

The SC470 Secure Development Principles workshop teaches you the theoretical principles of secure software development in a professional environment.

In addition to robust architecture, the focus is on business and threat modeling as well as risk handling. You will learn about all the building blocks of the secure development lifecycle: requirement gathering, secure design, secure implementation, secure testing and deployment. Specifically, the topics of business and project requirements, threat modeling and secure design will be covered.

The workshop places particular emphasis on current concepts, which are explored in depth using numerous interactive practical examples. This gives participants the opportunity to actively contribute their own experiences and requirements. By the end of the workshop, participants will have gained a solid understanding of secure software development in a professional environment and will be able to plan robust and secure applications and support their implementation.

The course is part of the "qSkills™ Secure Software Quadrant", which consists of: