Symosis announced the upcoming general availability of their newest Computer Based Training (CBT) course that includes five modules and is aimed at Development teams seeking to enhance their computer security programming skills. Symosis already has a full CBT course of three modules for QA teams and the new upcoming Development Course will compliment the existing Software Security for QA course focusing on the issues taught in the QA course, but taking the approach from the developer and programmer point of view. The course will include bad and good coding examples for the most popular web based programming languages. Software security has steadily evolved into a key focus area for organizations that develop, test, and support applications and products. Information security vulnerabilities introduced during the programming phase of the software development lifecycle (SDLC) usually appear after an application has gone live. Focusing on improving coding methods and testing techniques by training developers and QA engineers to address security during the SDLC is a widely accepted means to address one of the systemic issues, but to date this training is difficult to measure and is limited in both availability and affordability. The CBT courses train both QA and Development teams on all the specific areas of application security requirements in the PCI DSS and focus on building secure coding techniques, QA test cases, and standards to integrate into the SDLC. Each module teaches detailed threats and countermeasures that cover all of the major standards such as the Open Web Application Security Project (OWASP) guidelines.
“Our customers ask for simple and secure solutions to make their SDLC smarter in regards to security. All of the books and conferences tell them to adopt secure coding practices but fail to provide an effective means for execution,” said Clinton Mugge, CEO, Symosis, Inc. “Our scalable solution empowers companies to affect change at the point where it is most effective for creating more secure products, the individual level, at an exponentially lower cost. Coupled with the elimination of the need for travel to an offsite course, the cost savings is significantly stronger further supporting the initial expenditure and TCO during the license period.”
The Symosis CBT Courses address the most prevalent security topics applications suffer from in today’s Web 2.0. Delivered as a service-on-demand, students login anywhere over the internet and progress through the content at their own pace. The modules include games, quizzes, toolkits, videos, and are customizable to match company policies and procedures, enhancing the relevance and impact. Reporting of student participation and completion occurs through a detailed management module that allows the observation of individual training progress at either employee or group level. By coupling the course content with the management module, Symosis is pioneering the concept of true observation of ROI by providing an effective means to measure the impact of employee comprehension of application security in real time.
