Master the implementation of Application Security (AS) techniques based on ISO 27034:2011.

This four-day intensive course enables participants to develop the necessary expertise to support an organization in establishing, implementing and managing Application Security (AS) based on ISO 27034.

During this training course, you will also gain a thorough understanding of the best practices of Application Security techniques and be able to identify and avoid common application vulnerabilities.

For more information, please visit PECB.

  • Managers or consultants involved in Application Security (AS);
  • Expert advisors seeking to master the implementation of Application Security techniques;
  • Individuals responsible for maintaining conformance with the organization's Application Security requirements;
  • Application Security team members;
  • Application developers;
  • Application Security analysts;
  • Expert advisors involved in Application Security (AS) operations.

  • Acknowledge the correlation between ISO 27034 and other standards and regulatory frameworks;
  • Master the concepts, principles, approaches, components, processes and techniques used for the implementation and effective maintenance of Application Security;
  • Learn how to interpret the ISO 27034 guidelines within the specific context of an organization;
  • Learn how to support an organization to effectively plan, implement, and manage Application Security;
  • Acquire the expertise to advise an organization in implementing Application Security best practices.

Day 1: Introduction to Application Security techniques:

  • Course objectives and structure
  • ISO and International Standards
  • ISO 27034 – Application Security
  • ISO 27034 AS – Overview and concepts
  • ISO 27034 – Application Security Framework

Day 2: Plan the implementation of AS techniques based on ISO 27034 (project level):

  • The AS Management Process (ASMP)

Day 3: Implementation of AS techniques based on ISO 27034 (organization level) Cybersecurity controls:

  • Implementation of AS based on ISO 27034 (Organization Level)
  • Security guidance for specific organizations and applications
  • ONF Components

Day 4: AS validation and certification, protocols and ASC data structure based on ISO 27034:

  • AS validation and certification
  • Competence and evaluation of implementers
  • Closing the training

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases;
  • Practical exercises based on a full case study including role playing and oral presentations;
  • Review exercises to assist the exam preparation;
  • Practice test similar to the certification exam.

To benefit from the practical exercises, the number of training participants is limited.

  • The “PECB Certified ISO 27034 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts of Application Security
    • Domain 2: Application Security Controls (ASCs) and other best practices in AS
    • Domain 3: Preparation of an AS project implementation based on ISO 27034
    • Domain 4: Implementing an AS project based on ISO 27034
    • Domain 5: Performance evaluation, monitoring and measurement of an AS project based on ISO 27034
    • Domain 6: Continual improvement of an AS project based on ISO 27034
    • Domain 7: Preparing for an Application Security audit
  • The “PECB Certified ISO 27034 Lead Implementer” exam is available in different languages (trainers are fluent in English, French & Spanish);
  • The exam is available online (please refer to the PECB Exams User Manual);
  • Duration: 3 hours
  • For more information about the PECB Certified ISO 27034 exam and certification, refer to ISO 27034 Lead Implementer Exam & Certification.
