The Software Assurance Forum for Excellence in Code (SAFECode) has developed six secure software development training modules which are free for organisations to download and use.
The modules are based on Adobe software training projects and were developed in collaboration with other forum members, said Howard Schmidt (pictured), executive director of SAFECode.
“There will be more to follow and we hope the developer community will rally around this,” the former White House cyber security co-ordinator told the Security Development Conference 2013 in San Francisco.
Schmidt called on developers attending the conference to use the modules and then help to build additional training materials for the industry, to continue the initiative as a public service.
The initiative is aimed at helping organisations learn to create secure code, create a solid base of security knowledge across product teams and build custom training programmes.
“One size does not fit all so, while there are basic things we should all be doing, there will be scope to tweak these modules to fit specific products and services,” said Schmidt.
Read more about security training
- Training may be key to website security, study shows
- Can universities give young developers application security training?
- More training needed to fight cyber threat
- Security awareness training made easy
- Phishing emails sent in pairs to lend authenticity, says training company
- Microsoft launches Get On IT training initiative
- Online CompTIA training courses launched for cloud, mobility, security
- How to begin corporate security awareness training for executives
The initial modules cover cross-site request forgery, SQL injection attacks, passwords, file permissions, Windows access controls and obscure and hidden code.