What is the Software Security Institute?

The SANS Software Security Institute (SSI) brings the most trusted name in information security to developers, programmers and application/software security professionals.

Training for web application security and hacking, secure coding, software security testing, code review and PCI compliance
Language specific secure coding training for Java/JEE, .NET, C, C#, PHP and others
Programmer/Developer Certification (GSSP) through our GIAC affiliate
Free research and news resources to keep up to date with the most recent attack vectors and application vulnerabilities

Featured Events

Cyber Defense Initiative, DC	Dec
Security West 2009, Las Vegas	Jan
SANS SCADA Summit, Orlando	Feb
SANS 2009, Orlando	Mar
Phoenix 2009	Mar
Security East, New Orleans	May
Forensics, Live Online	Dec

full calendar >>

Courses

Select training by course from a variety of categories including Web Applications, Language, Test/Code Review and
more >>

Additional SANS Courses

Courses in network and system security audit, legal and management of security.

Certification Information: GSSP Overview; GSSP Certifications; GSSP Brochure
Exam Information: GSSP Certification Exams; Free Practice Tests
Assessment Information: Register for an individual assessment; Free Assessment Information
Other Information: GIAC Certification Success Stories; Helpful References

Application Security
Secure Coding: 2008 Insecure Coding Winners
Research Library: youtube videos; Secure Programming Exam Blueprints; Security Thought Leaders
Top 20 Vulnerabilities: The 20 most critical computer & network security vulnerabilities.
more >>
Helpful References
Links: GIAC Certification; SANS Institute; SANS Technology Institute; Internet Storm Center

Mission Statement

The SANS Institute was established in 1989 as a cooperative research and education organization.

Today, SANS teaches more than 14,000 application and network security practitioners each year. With more than 70,000 alumni and 165,000 community practitioners receiving SANS research and project information, SANS is the most trusted and by far the largest source for information security training and certification in the world.

The SANS Software Security Institute (SSI) focuses the deep resources of SANS on the growing threats to the application layer. SSI provides training, certification and a library of research and community initiatives to help developers, architects, programmers, and application security managers protect their software/web applications.

SSI programs are designed to teach and enable implementation of the most effective secure coding and software development lifecycle (SDL) practices.