This workshop provides practical knowledge of secure software development (secure coding) and raises awareness of typical attack vectors, sources of error and weaknesses in the development process.
Participants learn how to implement security requirements effectively, recognise and avoid risks, and anchor security in architecture and code.
The format combines knowledge transfer, discussion, code examples and practical exercises.

Content:

Introduction to the basic principles of software security (CIA triad, secure development lifecycle, shift left, security by design)
Typical weaknesses in software projects (e.g. OWASP Top 10, memory safety, input validation, authentication/authorisation, logging)
Analysis of real-world case studies from customer projects or well-known CVEs
Practical exercises on:
- Detecting and fixing insecure code
- Handling external libraries and dependencies
- Securing interfaces (API security basics)
Overview of relevant standards and guidelines (e.g. IEC 81001-5-1, ISO/SAE 21434, IEC 62443-4-1, OWASP ASVS)
Recommendations on tools and methods (static code analysis, dependency checking, threat modelling)
Closing discussion: lessons learned and deriving improvement measures for the development process

Benefit:

Greater security expertise among developers and architects
Fewer security-relevant weaknesses already in the early development phases
Building a shared understanding of security responsibilities within the team
A direct contribution to meeting regulatory requirements (e.g. CRA, ISO/SAE 21434, IEC 62443)
Strengthening the security culture in the company

Target audience:

Software developers (embedded, backend, frontend)
Software and system architects
Technical leads and security champions

Prerequisites:

Basic knowledge of software development (C/C++, Python, Java or similar)

Request this training

Send us a short note — we get back within one business day.

← All trainings