Security by Design from Software Engineering Perspective
Apply security-by-design principles across the SDLC — from threat modeling and secure architecture to resilient deployment patterns.
About This Course
As cyber threats continue to evolve, organisations need to ensure that their software solutions are designed with security in mind from the ground up. This course equips professionals with the knowledge and skills required to create security-focused solutions that address potential vulnerabilities and build user trust. Participants gain a comprehensive understanding of Security by Design concepts, learning to incorporate them into every stage of the software development lifecycle — from requirements and architecture through implementation and deployment.
What You Will Learn
- Apply core principles of secure software design including defense in depth and least privilege
- Build threat models using STRIDE and attack tree methodologies
- Implement secure architecture patterns: zero trust, encryption at rest and in transit
- Prevent OWASP Top 10 vulnerabilities through secure coding patterns
- Design secure deployment pipelines with container security and secrets management
Prerequisites
- Experience with software development (any language or framework)
- Basic understanding of web application architecture
- No prior security engineering experience required
Agenda
- Security by Design Principles · 45 min
  Core principles of secure design. Threat modelling fundamentals using STRIDE and attack trees.
- Secure Architecture Patterns · 60 min
  Defence in depth, least privilege, zero trust architecture. Secure data storage, encryption at rest and in transit.
- Secure Coding and Testing · 60 min
  OWASP Top 10 prevention patterns. Input validation, output encoding, authentication and session management.
- Secure Deployment and Operations · 45 min
  Container security, secrets management, and CI/CD security gates. Incident response planning for development teams.