Security and Trust Office

Safeguard the development and delivery of Micro Focus products by embedding Security & Trust into software engineering lifecycle.

Security Experience

Providing our organization with required skillset and tools to deal with current cyber security landscape while embedding the importance of product security into the organizational DNA.

Making product security training and awareness an experience

The Security and Trust Office has designed and is leading a global Security Experience Program, to raise MicroFocus SW organization attention to product security.In addition to traditional frontal training, the program focuses on changing our organization mindset to security, provides an overall coverage to mainstream security while providing practical knowledge to tackle security challenges in their daily work

Our methodology

Our method of training provides relevant tools to deal with today’s threats landscape and is delivered through our learning model built from the following steps; Discover, Master and Accelerate.

Security and Trust Office
Forrester TechRadar™: Application Security

56% of technology and business decision-makers say that application security skills and experience are most needed in their organizations today.

Forrester TechRadar™: Application Security, Q2 2015

88%
Were satisfied with their course instructor.
84%
Of trainees believe they can implement the tools presented in the course in their day to day work.
47%
Improvement rate [average]. The trainees perform a preliminary exam when entering the course and final exams at the end of the course.
How to become a master defender?

Deepen the R&D software security knowledge with advanced courses, webinars, and round tables while pursuing industry leading certifications.

The CSSLP certification
The CSSLP certification

The CSSLP certification validates software professionals have the expertise to incorporate security practices; We incorporate our processes a part of the course.

The CSSLP certified employees

The CSSLP certified employees represent the organizational units in global locations, working with a portfolio of more than 70 products.

The CSSLP certified employees
Accelerate our R&D with security champions and day to day tools.

The S&TO champions are an elite group of senior R&D positioned in different roles who are committed to specialize and lead application security within their domain.

Champions
Champions

The S&TO champions are an elite group of senior R&D positioned in different roles which took the task to specialize in application software security. 

Each security champion undergo a personal development and acceleration program, gaining knowledge and tools, while implementing them throughout his journey.

SOS world wide events

The content of the events will always be constructed by; hacking challenges, internal and industry leading professionals lectures, experts panels and open discussion and Q&A.

We see the SOS events as a chance for dialogue, discussions and networking – All about software, security and what’s between.

SOS world wide events
SOSHub
SOSHub

S&TO official internal portal which centralizes all of the office knowledge policies, tools and best practices.

Secure code guidelines

A vast repository of Secure Code Guidelines demonstrating how to avoid or protect against known security vulnerabilities (SANS Top 20, OWASP Top 10).

Secure Code Guidelines
release-rel-2018-7-2-828 | Tue Jul 17 16:51:18 PDT 2018
828
release/rel-2018-7-2-828
Tue Jul 17 16:51:18 PDT 2018