Secure Development for Financial Services

Course Description

This course presents the current compliance landscape for building applications for the financial services sector. The regulatory landscape for financial services is extremely complex, with a lot of overlapping requirements. The goal of this course is to analyze this complex environment and outline the consolidated requirements posed by various legal and compliance frameworks. The course focuses on requirements for authentication, authorization, and access control. It also presents requirements for privacy and personal data protection brought about by recent legislation such as GDPR and CCPA. The course concludes with operational security requirements as well as what is mandated for breach detection and notification.

Learning Objectives

• Understand the main legal and compliance frameworks for financial services and what requirements they bring to developing applications.
• Implement compliant policies for authentication, authorization, and access control.
• Identify personal data and be able to protect that data based on the privacy requirements imposed by the corresponding legal frameworks.
• Apply necessary encryption and integrity protection mechanisms for sensitive data.
• Outline the controls required to secure applications and monitor for potential security breaches.