Contact Us

CPISI-D – Secure Application Development Training

Request a call
With the increase in the demand for digital transactions, application developers are innovating payment features continually. In today’s digital evolution, a simple error in software code can create a vulnerability that can result in a data breach. This brings up the need to incorporate resilient secure application development practices right from the first line of the application.
About CPISI-D

CPISI-D is a Secure Application Development Training workshop aimed at developers and architects to build secure applications. The workshop revolves around the two best application security practices, PA DSS, and OWASP to train participants on an in-depth security implementation during design, development, testing, and deployment.

Why CPISI-D?

Secure Application Development Training can ensure that security controls are established at every stage of the Software Development Life Cycle and helps to secure payment applications from possible vulnerabilities and remove any redundant codes and functionality.

Who can participate?

The intended audience for this workshop is application developers, architects, application testing teams, and the payment application security enthusiasts with the zeal of learning payment security concepts.

CPISI Agenda

Day 1

  • Introduction to PCI-DSS and payment eco-system
    • Basic Concepts, Background and Recent Events
    • Overview of Payment Card Industry and PA-DSS standard
    • How to do risk assessment and threat profiling for the application
  • Security By Design
    • How to process and protect sensitive data, includes deail on encryption, key management, hashing, truncation and tokenization
    • Application authorization and access control feature
    • What to log and how the audit trails needs to be captured
  • Designing the application for covering common application vulnerabilities
  • Securing applications from Code Level Vulnerabilities

Day 2

  • Security During Development
    • Overview OWASP Top 10 Vulnerability (Web+Mobile)
  • Overview of the PA DSS Requirements
    • PA DSS Applications
    • PA DSS Requirements (1-12)
  • OWASP Top 10 Vulnerability Demo
  • Impact and Mitigation Approach
  • Mobile Application Security Overview
  • Secure deployment, maintaining the application security including production support

Key Takeaways

  • Understand the in-depth concepts of payments ecosystems and payment transaction flow
  • Gain knowledge on PA DSS requirements and respective security control implementations
  • Learn from use cases of recent payment application breaches
  • Learn about secure coding and some of the common coding vulnerabilities

Who can participate?

  • Payment application Developers
  • Code reviewers
  • Application head
  • Application architects
  • Software Developers
  • Website Developers
  • Mobile App Developers

CPISI - D Exclusive

  • CPISI-D is a comprehensive course covering holistic approaches to build a secure payment application
  • Provided by trainers with expertise in source code review and experience in handling PA DSS compliance
  • The 2-day session covers a broad scope of major risks and vulnerabilities that the developer needs to be vigilant while building secure payment applications

Workshop Participants Testimonial

Trainers stress on participation by candidates made the session lively and enjoyable.

Very useful information and relevant to today’s status.

The training was very useful to understand the payment card industry standard.

The trainer was very knowledgeable and the workshop helped us to gain knowledge necessary for both personal and business development.

Trainers are SME’s, competent and knowledgeable enough to understand, respond and clarify participants queries.

My second CPISI and this was the best.

Request a Call

Country:
How did you hear about us?:

Validate your certificate

Try Here
Please Note: Certified Payment Industry Security Implementer 2.0 (CPISI 2.0) is an independent payments industry certification offered by SISA for payment security professionals, relating to the standards; PCI DSS, ISO 27001, NIST, SWIFT, and Regional Data Security Regulations (including Central Bank Regulations).

The standards mentioned above are managed and developed by the respective council/ provider/ standard holders. They might provide their own training and certification programs. SISA is not affiliated with or endorsed by any of the above council/ provider/ standard holders.

For more information about the mentioned standards, kindly visit their respective websites.

Site Name

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive, detective, and corrective cybersecurity solutions. Our problem-first, human-centric approach helps businesses strengthen their cybersecurity posture.

Industry recognition by CREST, CERT-In and PCI SSC serves as a testament to our skill, knowledge, and competence.

We apply the power of forensic intelligence and advanced technology to offer true security to 2,000+ customers in 40+ countries.

Company

Services

Resources

Quick Links

Connect with us

Copyright © 2024 SISA. All Rights Reserved.
SISA’s Latest
close slider

Knowledge Lounge

Newly Launched: SISA’s Knowledge Lounge

Weekly Threat Watch

SISA Weekly Threat Watch, 01 January 2024

Agent Tesla exploits MS Excel flaw in ongoing phishing attacks

Blog

xss test

Webinar

Data Privacy trends in 2023 & their impact on data security strategy

Case Study

testing for ssti

Whitepaper

SISA – Canvas Edition2

Events

SISA at RSA CONFERENCE 2024

Infosec Report

SISA Top 5 Forensics Driven Learnings Report 2022 Cover

SISA Top 5 Forensics Driven Learnings 2022-23

Sign up for SISA's Daily
Threat Watch Advisory
Subscribe now!