← Compliance Training

Compliance in Software Development — Online Compact Course

Awareness training for development teams — 2 days, live online, €870 per person. The compact, schedulable option: a hands-on introduction to secure, compliant development — no travel costs, no long lead time, quick to book.

New European regulations (Cyber Resilience Act, NIS-2, GDPR) hold manufacturers and development teams directly accountable, and attacks are increasingly targeting the software supply chain (Log4Shell, xz, SolarWinds). Most incidents are not caused by malicious intent, but by a lack of awareness — and that is exactly where this compact course begins.

Organisations certified to ISO 27001 or BSI IT-Grundschutz — or working towards certification — must demonstrate regular, documented awareness training. The online format is ideal as a recurring awareness session: schedulable, location-independent, and with a certificate of attendance for your ISMS.

Target audience:

  • Developers, architects & tech leads — who need a solid, practical overview of secure development
  • Teams looking to raise their awareness baseline quickly and consistently — without the logistics of a multi-day on-site event
  • Organisations with recurring training obligations (ISO 27001 / BSI IT-Grundschutz) seeking a fixed, verifiable awareness building block

No prior security knowledge required. Also bookable for individual participants.

Duration: 2 days, live online
Price: €870 per person (excl. VAT)
Group size: 5–15 participants
Language: German (English on request)
Contact: training[at]datainmotion.com

Upcoming Dates

Two course dates are available in 2026. Places are limited — early registration is recommended. Additional dates can be arranged on request.

Date Duration Format
25–26 August 2026 2 days Live online
9–10 November 2026 2 days Live online

Registration: training[at]datainmotion.com

Course Content

The specific focus is agreed in advance.

Day Focus Topics
Day 1 Foundations & secure development The regulatory landscape at a glance (CRA, NIS-2, GDPR, “state of the art”) · Security by Design (Zero Trust, Least Privilege) · Secure Coding with real examples (OWASP Top 10, Java & TypeScript) · Secrets Management
Day 2 Supply chain, pipeline & operations Supply Chain Security & SBOM (software bill of materials) · CI/CD pipeline as a security layer (DevSecOps, Shift-Left) · Vulnerability & patch management · Lessons from real incidents · AI in development & product (compact block)
  • Real code & CI/CD examples: reviewing vulnerable code and pipeline configurations together — in Java and TypeScript
  • Anatomy of an incident: a real security breach broken down to the technical level
  • Guided live demos instead of slide marathons — with time for your questions

Benefits

  • Reduce risk & liability: requirements from CRA, NIS-2 and beyond become tangible
  • Meet your awareness obligation: a documented, recurring building block for ISO 27001 / BSI IT-Grundschutz
  • Shared vocabulary and immediately applicable tools — concrete patterns, tools, checklists
  • Schedulable & cost-effective: fixed price per person, no travel or logistics costs

Your Trainer

Mark Hoffmann — compliance from practice, not from a textbook: over 20 years as a software developer, 15 of them as an architect.

  • TÜV-certified Data Protection Officer
  • iSAQB® Certified Professional for Software Architecture — Foundation Level
  • BSI IT-Grundschutz Practitioner

Advisory architect on several municipal projects (including smart city initiatives) and in large enterprises — this training grew out of that hands-on experience. Core expertise: distributed, modular, and dynamic system architectures.

Need More Depth?

If you need something more comprehensive, hands-on over several days, and individually tailored to your tech stack and infrastructure, our on-site training “Compliance in Software Development” is the right choice — with threat modeling, secure architecture, a multi-day detective exercise, and a GDPR use case.

Get in touch: training[at]datainmotion.com