Software Security for Product Owners and Managers

Security as a management task

© Fraunhofer IEM

The growing threat of security vulnerabilities in software products is putting business success at risk. Responsibility for security incidents is often placed solely on the development team. However, it is the responsibility of product owners and managers to proactively address software security and systematically embed it within their areas of responsibility. Secure software development starts at the management and product owner level.

Our goal is to support you as a product owner or manager in promoting secure software development. Our training focuses on providing you with a thorough understanding of your roles and responsibilities related to software security. We show you how to create the right conditions to ensure a secure development environment. In addition, we focus on identifying risks and taking appropriate measures to minimize potential security vulnerabilities and effectively protect your products from attacks.

In our final coaching-on-the-job, you will receive individualized advice on security challenges in your area of responsibility. This will allow you to strategically apply your new knowledge and further strengthen your software security skills as a product owner or manager.

Our training is open to individuals with prior knowledge of software security as well as those with no specific experience. We emphasize a confidential and respectful learning environment, taking into account the sensitivity of the subject matter and respecting individual limits of openness.

Our software security training for product owners and managers provides answers to the following questions:

  • What are my roles, responsibilities, and tasks as a product owner or manager in the context of software security?
  • What are the typical entry points for attackers?
  • What is software security, why is it important, and how does it differ from other types of security?
  • Which laws and standards do we have to consider?
  • How do I identify and address software security risks?
  • What can I do as a product owner or manager to ensure secure software development?
  • What software security contingency plans should I have in place?
  • How can I build the necessary skills in my area of responsibility?
  • How can I raise awareness of software security within my organization?

OVERVIEW

  • Type of event: Seminar
  • Format: Online or in person
  • Graduation: Certificate of attendance
  • Dates, registration deadline and location: In-house (on site or live online), dates on request
  • Duration: approx. 28 hours learning time
  • Language: English
  • Price: On request

TARGET GROUP

Our software security training for product owners and managers is designed for people who are responsible for developing software and who want to ensure that their products are secure.

The course is also appropriate for people who do not have specific technical expertise in computer science and software security.

CONTENT AND SCHEDULE

Module 1: Introduction to Software Security

  • Raising awareness of software security using practical examples and live hacking demonstrations
  • Basic concepts of software security
  • Key security goals for your software products

Module 2: Your Role in Software Security

  • The roles involved in software security
  • Links between corporate culture and software security
  • Legal foundations of software security

Module 3: Practical application of software security

  • Effective methods for improving software security, such as risk management and employee skills development
  • How to apply these methods to your team / organization

Module 4: Product Security Incident Response

  • Detect and respond to vulnerabilities and attacks
  • Establish a Product Security Incident Response Team (PSIRT)

Module 5: Personal Software Security Coaching-on-the-Job (Live-Online) 

  • Individual coaching by experienced security experts as sparring partners
  • Assessment of software security in your team / organization
  • Application of the training content to real-world tasks in your daily work environment

Module 6: Final Meeting (Live-Online)

  • Reflection on the training and knowledge gained
  • Discussion of challenges in practical implementation
  • Exchange of anonymized coaching cases

Optional final exam

As a supplement to our software security training, you have the option of taking a voluntary oral exam (30 minutes, live online). If you pass the exam, it will be noted on your certificate of attendance. By taking the final exam, you will document the level of competence you have achieved and increase your chances of career success.

YOUR BENEFITS
  • You will learn facts and arguments for why software security matters, so that you can raise awareness among your team and customers.
  • You will understand your role and responsibilities in software security.
  • You will know the laws and standards relevant to software security.
  • You will be able to explain and discuss specific software security tasks in your area of responsibility with relevant stakeholders.
  • You will learn effective security practices and technologies and how to apply them.
  • You will be able to better assess the risks and impact of insecure software and contribute to improved risk management.
  • You will learn the steps to handle security incidents.
SPEAKERS

Dr. Matthias Becker

Dr. Matthias Becker heads the "Secure Services and Apps" department at Fraunhofer IEM. His focus as a trainer is on raising awareness and building the skills of managers and product owners. Matthias Becker is a Certified Scrum Product Owner.
https://www.linkedin.com/in/matzebecker/

 

Dr. Stefan Dziwok

Dr. Stefan Dziwok is a senior researcher in the "Secure Services and Apps" department at Fraunhofer IEM. He is a Certified Scientific Trainer (Foundational Level) and is in charge of training corporate customers on the topic of software security at his institute.
https://www.linkedin.com/in/stefan-dziwok/