Compliance in Software Development — Online Compact Course
Awareness training for development teams — 2 days, live online, €870 per person. The compact, schedulable option: a hands-on introduction to secure, compliant development — no travel costs, no long lead time, quick to book.
New European regulations (Cyber Resilience Act, NIS-2, GDPR) hold manufacturers and development teams directly accountable, and attacks are increasingly targeting the software supply chain (Log4Shell, xz, SolarWinds). Most incidents are not caused by malicious intent, but by a lack of awareness — and that is exactly where this compact course begins.
Organisations certified to ISO 27001 or BSI IT-Grundschutz — or working towards certification — must demonstrate regular, documented awareness training. The online format is ideal as a recurring awareness session: schedulable, location-independent, and with a certificate of attendance for your ISMS.
Target audience:
- Developers, architects & tech leads — who need a solid, practical overview of secure development
- Teams looking to raise their awareness baseline quickly and consistently — without the logistics of a multi-day on-site event
- Organisations with recurring training obligations (ISO 27001 / BSI IT-Grundschutz) seeking a fixed, verifiable awareness building block
No prior security knowledge required. Also bookable for individual participants.
Duration: 2 days, live online
Price: €870 per person (excl. VAT)
Group size: 5–15 participants
Language: German (English on request)
Contact: training[at]datainmotion.com
Upcoming Dates
Two course dates are available in 2026. Places are limited — early registration is recommended. Additional dates can be arranged on request.
| Date | Duration | Format |
|---|---|---|
| 25–26 August 2026 | 2 days | Live online |
| 9–10 November 2026 | 2 days | Live online |
Registration: training[at]datainmotion.com
Course Content
The specific focus is agreed in advance.
| Day | Focus | Topics |
|---|---|---|
| Day 1 | Foundations & secure development | The regulatory landscape at a glance (CRA, NIS-2, GDPR, “state of the art”) · Security by Design (Zero Trust, Least Privilege) · Secure Coding with real examples (OWASP Top 10, Java & TypeScript) · Secrets Management |
| Day 2 | Supply chain, pipeline & operations | Supply Chain Security & SBOM (software bill of materials) · CI/CD pipeline as a security layer (DevSecOps, Shift-Left) · Vulnerability & patch management · Lessons from real incidents · AI in development & product (compact block) |
- Real code & CI/CD examples: reviewing vulnerable code and pipeline configurations together — in Java and TypeScript
- Anatomy of an incident: a real security breach broken down to the technical level
- Guided live demos instead of slide marathons — with time for your questions
Benefits
- Reduce risk & liability: requirements from CRA, NIS-2 and beyond become tangible
- Meet your awareness obligation: a documented, recurring building block for ISO 27001 / BSI IT-Grundschutz
- Shared vocabulary and immediately applicable tools — concrete patterns, tools, checklists
- Schedulable & cost-effective: fixed price per person, no travel or logistics costs
Your Trainer
Mark Hoffmann — compliance from practice, not from a textbook: over 20 years as a software developer, 15 of them as an architect.
- TÜV-certified Data Protection Officer
- iSAQB® Certified Professional for Software Architecture — Foundation Level
- BSI IT-Grundschutz Practitioner
Advisory architect on several municipal projects (including smart city initiatives) and in large enterprises — this training grew out of that hands-on experience. Core expertise: distributed, modular, and dynamic system architectures.
Need More Depth?
If you need something more comprehensive, hands-on over several days, and individually tailored to your tech stack and infrastructure, our on-site training “Compliance in Software Development” is the right choice — with threat modeling, secure architecture, a multi-day detective exercise, and a GDPR use case.
Get in touch: training[at]datainmotion.com