Resources: Enterprise License

Resources:

Overview

SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and largest source for information security training and certification in the world. SANS teaches more than 14,000 application and network security practitioners each year and has more than 70,000 alumni and 165,000 practitioners in the SANS community.

The SANS Software Security Institute (SANS Software Security) brings that same level of quality, timeliness and trust to developers, programmers and application software security professionals.

SANS Software Security focuses the deep resources of SANS on the growing threats to the application layer. SANS Software Security provides training, certification and a library of research and community initiatives to help developers, architects, programmers, and application security managers protect their software/Web applications.

SANS Software Security programs listed below are designed to teach and enable implementation of the most effective secure coding and software development lifecycle (SDL) practices.

Training for Web application security and hacking, secure coding, software security testing, code review and PCI compliance.
Language-specific secure coding training for Java/JEE, .NET, C, C#, PHP and others
Programmer/Developer Certification (GSSP) through our GIAC affiliate
Free research and news resources to keep up to date with the most recent attack vectors and application vulnerabilities

Software & Application Security Enterprise Partners Program

For more information or to discuss participation email enterprisepartners@sans-ssi.org

Many large organizations are working diligently to establish secure coding initiatives that will improve the security of applications they build for their own use and that are sold to others or embedded in products they sell to others. They are establishing training programs for their programmers; they are developing code testing processes; they are drafting secure coding policies; they are altering their contracts with consultants and outsourcers all with the goal of gaining confidence that the code they deliver is as secure as possible. Most of them have considered developing an assessment examination, but would be happier if the SANS initiative were successful, and therefore several, including Fortune 50 companies in the US and their equivalents in Europe, and major consulting organizations and software vendors have begun helping SANS make the Secure Programming Assessment examinations as good as they can be and as applicable to their corporate interests as possible. In return, SANS has named them Enterprise Partners of the initiative. Other large organizations committed to improving secure programming are welcome to join the program. Send email to enterprisepartners@sans-ssi.org with a brief description of the secure coding initiative you have already begun.

Additional Information

Software & Application Security Academic Partners Program

Universities and community colleges around the world partnering with SANS have made a commitment to ensure their students have access to course materials that will enable them to graduate with a strong foundation in secure programming and secure application development.

SANS Software Security will help the Academic Partners by co-sponsoring workshops, where their faculty will learn and share effective teaching techniques - especially how to integrate secure coding into core programming courses. Approved Academic Partners can also act as learning centers to teach SANS Software Security material to regional employers.

Each Academic Partner will also become a GSSP testing site, where their students can demonstrate mastery of secure programming skills and knowledge. Programmers from surrounding employers and independent developers will also be able to take advantage of the Academic Partner's testing site.