Course Overview

The threat to software supply chains first became public knowledge with the SolarWinds/Orion hack in 2019. That exploit gave hackers backdoor access to the networks at the Pentagon, DHS, the State Department, and a good bit of the Fortune 500, which generated a lot of headlines. What makes those headlines so meaningful is that they publicized something that has concerned industry insiders for some time: insufficient control over our information and communication technology supply chains.

Software applications enable everything in modern society. However, those applications are invisible, so they are impossible to assure by conventional means. Worse, we build large software systems bottom-up from top-down designs. In simple terms, we integrate the product upward in tiers, from basic modules at the beginning of the coding process to the final complex system. And since the aim is to produce the product as cost-efficiently as possible, the work is often offshored.

Consequently, we find ourselves relying on a highly complex and abstract product built through multiple levels involving a range of societies and cultures, some of whom aren't necessarily our friends. To make matters even more interesting, managerial oversight in any supply chain rarely extends past the subcontractor level, which means that anything could be happening at the bottom levels of a five- or seven-level supply chain. Since we build every major system using integration, an adversary has the potential to embed malicious code at any stage in the production and sustainment process. Ensuring that doesn't happen is the whole point of the Information and Communication Technology Supply Chain Risk Management (ICT-SCRM) process.

What You Will Learn

  • Do overall lifecycle assurance planning
  • Develop software assurance risk mitigation strategies
  • Describe a valid process to ensure correctness of applied risk mitigation strategies
  • Establish a baseline level of software assurance as part of the upward integration process
  • Perform a proper design decomposition into modules at a foundation level
  • Itemize a valid set of measures for assurance of development practices
  • Ensure all due diligence actions for process risk management

Program Curriculum

  • Introduction to Information and Communication Technology
  • Supply Chain Dangers
  • Six Principles for Ensuring Control - Part 1
  • Six Principles for Ensuring Control - Part 2
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Risk Management
  • The Supply Chain Risk Management Process
  • Chapter 2 Quiz

  • Supply Chain Product Assurance
  • Assurance and Testing Best Practices - Part 1
  • Ensuring Against Product Defects
  • Chapter 3 Quiz

  • Supply Chain Lifecycle Assurance Processes
  • Threat Assurance Best Practices
  • Chapter 4 Quiz

  • ICT Supply Chain Acceptance and Operation
  • Best Practices for Lifecycle Sustainment
  • Lifecycle Dev/Ops - Part 1
  • Lifecycle Dev/Ops - Part 2
  • Chapter 5 Quiz

Instructor

Dan Shoemaker

Dan Shoemaker has been involved in the field of software assurance since its beginnings in 2005. He was part of the original software assurance initiative at the Department of Homeland Security and chaired its Workforce Training and Education arm for four years, 2008 to 2012. He was a subject matter expert for both the NICE Workforce Framework and the Cybersecurity Curricular Guidelines projects. He has been a consultant and practitioner in the field for close to forty years and a professor for thirty-five. Finally, he is a Distinguished Visitor of the IEEE, and he has written twelve books and close to two hundred articles in the field.
