NIST Secure Software Development Framework (SSDF) Fundamentals
Training Course
Title: NIST Secure Software Development Framework (SSDF) Fundamentals
- Modalities: Self-Paced Online
- Live Instructor-Led: By Request
- Duration: 2 days
Overview
This course introduces students to the foundational concepts behind the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-218 and related secure software development life cycle (SDLC) topics.
Who Should Attend
- Line of Business Leadership
- Non-Technical Managers
- Technical Managers
- Industry Members (e.g., Manufacturing Extension Program, State-Federal Liaisons)
Course Agenda
- Day 1 (AM):
  - Introductions
  - Traditional software development life cycle (SDLC) vs the SSDF
  - Who needs to follow NIST SP 800-218
  - The role of Executive Order 14028: Improving the Nation’s Cybersecurity
  - Supplemental materials
  - The value of using SSDF
  - The relationship with secure by design (SBD)
- Day 1 (PM):
  - SSDF practices structure and elements overview
    - Prepare the organization (PO)
    - Protect the software (PS)
    - Produce well-secured software (PW)
    - Respond to vulnerabilities (RV)
- Day 2 (AM):
  - SSDF practice element details
    - Prepare the organization (PO)
      - Practice
      - Task
      - Notional implementation examples
    - Protect the software (PS)
      - Practice
      - Task
      - Notional implementation examples
- Day 2 (PM):
  - SSDF practice element details
    - Produce well-secured software (PW)
      - Practice
      - Task
      - Notional implementation examples
    - Respond to vulnerabilities (RV)
      - Practice
      - Task
      - Notional implementation examples
  - SSDF practices corresponding to EO 14028 subsections
  - Review
  - Exam