Understand and integrate security in the SDLC
Key Concepts
AgileWaterfallDevOpsDevSecOpsScaled AgileCMMSAMMOperationsMaintenanceChange managementIPT
Identify and apply security controls in software development ecosystems
Key Concepts
Programming languagesLibrariesTool setsIDERuntimeCI/CDSoftware CMCode repositoriesSASTDASTSoftware composition analysisIAST
Assess the effectiveness of software security
Key Concepts
AuditingLogging changesRisk analysisRisk mitigation
Assess security impact of acquired software
Key Concepts
COTSOpen sourceThird-partyManaged servicesCloud servicesSaaSIaaSPaaS
Define and apply secure coding guidelines and standards
Key Concepts
Security weaknessesVulnerabilitiesAPI securitySecure coding practicesSoftware-defined security