In the workshop, we analyze your development process together and derive the necessary measures to make processes and existing software CRA-compliant.
Benefits of the workshop
In this workshop, you will understand the requirements of the CRA and learn how to implement them effectively as part of a secure software development process.
What to expect:
Workshop (1 day + 0.5 days Q&A)
Day 1:
- Secure Software Development - Awareness Training (~2.5h)
  - Risks in software development
  - Overview of CRA, NIS2, IEC 62443-4-1
- Introduction to a software security lifecycle (~2h)
  - Employee qualification (role definition, training)
  - Secure development process (best practices)
  - Product Security Incident Response (PSIRT) process
- Joint gap analysis (~2h)
  - Analysis of the architecture & development process from a security perspective
  - Quality assurance: security tools, code reviews & tests
Q&A session (0.5 days remote):
- A few days after the workshop, our experts are available again remotely for one or more Q&A session(s)
Optional follow-up workshops:
- Joint threat analysis of a project & risk assessment
- Project analysis with security tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA) with 3rd party vulnerability analysis)
- Risk analysis of third-party components & SBOM integration
Key Takeaways:
- Understanding of CRA and secure software development lifecycle
- Initial assessment of the security level of your development and support processes
- Practical strategies for improving security processes
- Concrete measures for secure software development
Target group:
- Awareness training for the entire development department
- Technical & non-technical managers, project managers, architects
- Security managers, QA & process managers
- Companies that develop software and bring it to market
Duration:
1 day workshop (on-site), 0.5 days Q&A (remote)
Book your workshop now & set up your company securely.