Course curriculum

    1. Welcome to SAMM Fundamentals

    2. Terms of Reference

    3. The Application Security Problem

    4. SDLC Overview

    5. SAMM Vision and History

    6. SAMM Structure

    7. The Model as an Assessment Tool

    8. Establishing an Assessment Scope

    9. Methodology for Using the Model

    10. Introducing the Case Studies

    1. Introduction to Governance

    2. Strategy & Metrics

    3. G-SM-A: Create and Promote

    4. G-SM-B: Measure and Improve

    5. Strategy & Metrics: Quiz

    6. Policy & Compliance

    7. G-PC-A: Policy and Standards

    8. G-PC-B: Compliance Management

    9. Policy & Compliance: Quiz

    10. Education & Guidance

    11. G-EG-A: Training and Awareness

    12. G-EG-B: Organization and Culture

    13. Education & Guidance: Quiz

    1. Introduction to Design

    2. Threat Assessment

    3. D-TA-A: Application Risk Profile

    4. D-TA-B: Threat Modeling

    5. Threat Assessment: Quiz

    6. Security Requirements

    7. D-SR-A: Software Requirements

    8. D-SR-B: Supplier Security

    9. Security Requirements: Quiz

    10. Security Architecture

    11. D-SA-A: Architecture Design

    12. D-SA-B: Technology Management

    13. Security Architecture: Quiz

    1. Introduction to Implementation

    2. Secure Build

    3. I-SB-A: Build Process

    4. I-SB-B: Software Dependencies

    5. Secure Build: Quiz

    6. Secure Deployment

    7. I-SD-A: Deployment Process

    8. I-SD-B: Secret Management

    9. Secure Deploy: Quiz

    10. Defect Management

    11. I-DM-A: Defect Tracking

    12. I-DM-B: Metrics and Feedback

    13. Defect Management: Quiz

    1. Introduction to Verification

    2. Architecture Assessment

    3. V-AA-A: Architecture Validation

    4. V-AA-B: Architecture Mitigation

    5. Architecture Assessment: Quiz

    6. Requirements-Driven Testing

    7. V-RT-A: Control Verification

    8. V-RT-B: Misuse/Abuse Testing

    9. Requirements-Driven Testing: Quiz

    10. Security Testing

    11. V-ST-A: Scalable Baseline

    12. V-ST-B: Deep Understanding

    13. Security Testing: Quiz

    1. Introduction to Operations

    2. Incident Management

    3. O-IM-A: Incident Detection

    4. O-IM-B: Incident Response

    5. Incident Management: Quiz

    6. Environment Management

    7. O-EM-A: Configuration Hardening

    8. O-EM-B: Patching and Updating

    9. Environment Management: Quiz

    10. Operational Management

    11. O-OM-A: Data Protection

    12. O-OM-B: System Decommissioning

    13. Operational Management: Quiz

About this course

  • Free
  • 79 lessons
  • 5 hours of video content
