The same channels that an application uses to communicate with the enterprise can expose a massive amount of data to unauthorized users that can then be used maliciously.
San Antonio, Texas (PRWEB) November 14, 2011
Denim Group, the leading secure software development company, today announced it has launched the industry’s first secure software development e-Learning courses on its ThreadStrong Learning Platform focused on mobile application development. The initial offerings include an Overview of Mobile Application Security as well as Authentication and Authorization classes specific to the Android and the iPhone platforms. Denim Group will be adding additional in-depth secure mobile training classes in the next few months that will focus on additional aspects of secure mobile development.
With the dramatic increase in the number of devices, their technical capabilities, and their use for information-rich transactions attached to back-end enterprise applications, mobile platforms have become an increasingly attractive security target in today’s market. As a result, it is vital for mobile developers to understand how to design and build applications that securely leverage a platform's capabilities without exposing the organization or the application's users to risk.
“Mobile applications provide users with the ability to perform tasks that were formerly consigned to the desktop such as mobile banking, shopping and travel planning, allowing a wealth of information to flow through or be stored on the device,” said John Dickson, Denim Group principal. “Mobile applications are also being used to give customers and employees access to useful data instantly. However, the same channels that an application uses to communicate with the enterprise can expose a massive amount of data to unauthorized users that can then be used maliciously.”
What makes the security challenge increasingly complex is the number of mobile operating systems that exist with very little standardization between them. In addition, Android, iPhone, Blackberry smartphone and tablet devices provide a variety of functions built into the hardware that make them dramatically different from desktop or laptop computers, presenting a unique set of security ramifications that must be dealt with at the application level. In addition to the distinct hardware capabilities mobile platforms provide, the networks used to access many of these services are often unsecured and unencrypted, creating additional confidentiality breaches from traffic monitoring.
Denim Group’s e-Learning courses teach today’s developers how to mitigate the significantly more complex threat models presented by mobile platforms by helping developers understand both the characteristics of a secure architecture as well as platform-specific knowledge for the mobile environments being targeted. In addition, Denim Group’s courses also cover how to strike the appropriate balance between functionality and security in order to realize the benefits from mobile without putting the organization at an undue amount of risk. As a result, organizations are able to take security considerations into account at the beginning of a mobile development project to help keep teams from introducing vulnerabilities that can impact the security of both application users as well as the organization releasing the application.
Denim Group’s user-friendly ThreadStrong e-Learning platform combines the best elements of experiential learning methodologies with online information technology. The combination of text and exercises provides students with an engaging and personalized self-paced learning experience. The ThreadStrong mobile courses combine the hands-on knowledge of working software developers with the experience of world-sought trainers who use best practices to provide practical and in-depth mobile application security training content.
ThreadStrong's curriculum is generated by secure application development experts from Denim Group who have deep experience building and security testing mobile software in numerous frameworks. Unlike many security experts who just "talk" about security, Denim Group experts are practicing developers who spend a significant amount of their time actually building software, so examples and other content are pulled from real world experience conducting code reviews and developing secure software. All material is peer-reviewed to ensure accuracy and relevance.
Availability & Pricing
The Overview of Mobile Application Security and Authentication and Authorization for the Android OS and the iPhone OS platform classes are available immediately. Additional in-depth secure mobile training classes will be added to the curriculum in the next few months. In addition to e-Learning for mobile, ThreadStrong offers a variety of other secure application programming courses that cover topics such as Secure Coding for Java and .NET applications, Threat Modeling, Software Security Remediation Basics as well as a publicly available class explaining Cross-Site Request Forgery (CSRF). Licensing for ThreadStrong is handled on a per-user basis, with discounts applied to incremental numbers of users, and includes unlimited access to all available course materials for each licensed user. As a result, users can return to review the training classes even after training is complete to refresh their knowledge. Recurring updates refresh the subject matter based on evolving application security threats as well. Site licenses are also available for all developers within a single organization. The e-Learning course content is available in a hosted version and a version compatible with internal learning management system versions. Denim Group also offers public classes and instructor-led training, as well as in-house mentorship services.
ThreadStrong application security e-Learning courses have trained thousands of developers in secure development practices across the globe, proving the effectiveness of the online training. Used internationally by Fortune 500 companies and more, ThreadStrong’s modularized content addresses specific learning objectives using a structured, building-block approach. This helps ensure that each lesson facilitates the learning objectives in the most effective way for the individual in training. As a result, team members can learn at their own pace but the course modules are continually available as a reference tool that developers can return to even after training refresh their knowledge. In addition, ThreadStrong provides a practical, cost-saving solution for organizations with developers scattered across the globe. Regular updates to course content keep developers up to date with the newest security threat and attack technique discoveries on a regular basis.
About Denim Group
Denim Group is the leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure software development, testing and training capabilities that protect a company's biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company’s leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company’s by Inc. Magazine several years in a row, and has won multiple awards including its recent accolades as one of the best places to work in San Antonio. For more information about Denim Group visit http://www.denimgroup.com.
# # #