Security by Design (SbD) - Professional Program

Learn the DARES™ method from the Mastering Security by Design book, practice through a practical (non-heavy) course, then validate with the SbD CPL via a capstone.

Security by Design — Pro Bundle

$1,149 USD
Payment options available

A complete path to practice and proof. Includes the SbD Course (Fundamentals & Advanced), the Mastering Security by Design ebook (course material), and SbD CPL evaluation via a portfolio capstone (no multiple-choice exams).

Includes:

Course access
Course eBooks
CPL capstone review (1 attempt)
Plus, 1 year FREE ISAU membership

What will I Learn?

Security by Design Program

Description

ISAUnited’s Security by Design Program is the flagship training path of the School of Engineering Cyber Defense, built for professionals who want to stop reacting to security problems and start engineering secure systems from the first design decision. This program develops The Implementer—the Security by Design professional who can turn intent into execution, guide teams through defensible design choices, and keep risk visible from concept to operations.

Students learn a disciplined, repeatable method for translating business goals into measurable security requirements, applying threat and design analysis to real architectures, and placing controls where they belong using clear models, trust boundaries, interfaces, dependencies, and failure domains. You will also strengthen how you communicate decisions across engineering teams, document trade-offs with purpose, and produce evidence that stands up to review—so security becomes a built-in design constraint that reduces rework, accelerates delivery, and raises system resilience.

The program is delivered in two progressive parts—Fundamentals and Advanced—so you can start applying Security by Design immediately, then scale your capability into tooling, verification and validation, organizational adoption, and leadership. If you are a security practitioner, engineer, architect, or aspiring technical leader who wants practical methods that work in real projects, this program provides the structure and engineering mindset to build security in, not bolt it on.

Field of study: Cybersecurity — Security by Design

Program level: Certified Professional

Pathway: Certified Professional License (CSbDP)

Delivery format: 100% online (self-paced)

Pace: ≤30 days (typical 3–4 weeks)

Prerequisites:

B100 - Defensible 10 Standards Foundations
B110 - Defensible Essentials

Credits: 40 CPEs

Assessment: Portfolio artifacts + Capstone

Next start date: Jan 2026

Mastering Security by Design-Mockup cover-v2.png

Mastering Security by Design (ebook included)

The official course text and Source of Truth for SbD. It maps directly to the DARES™ lifecycle and D10S, and is used in knowledge checks and the CPL Capstone Portfolio.

Edition: First Edition 2025

ISBN: 979-8-218-65004-9

Practical models: CDM / CEC / CIE, DRM, TADA
Helps you turn goals into measurable acceptance criteria
Guides “shippable by default” with simple CI/CD gate policies

What will I take?

BASIC Courses (Prerequisites)

B100 — D10S Foundations

Course Description: This course introduces students to the Defensible 10 Standards and explains how the ten domains organize security responsibilities across enterprise and cloud environments. Students learn the purpose of each domain, the relationships among controls, requirements, and measurable acceptance criteria, and how to interpret a system diagram through the D10S lens. Additional emphasis is placed on creating a compact domain map and a simple control overlay that demonstrates traceability from risk to mitigation to verification. Students complete a short knowledge check and submit a domain map and overlay artifact suitable for portfolio use.

10 CPEs

Total Credits

10 Hours

Course Length

Back to Programs

NOTE: This course is required for all Programs.

B110 — Defensible Essentials

Course Description: This course introduces students to ISAUnited’s foundational approach for evaluating systems with an adversarial mindset and producing defensible security decisions. Students learn the Technical Adversarial & Defensible Analysis (TADA) method, how to read architecture and data flow at a basic level, how to identify likely attack paths, and how to document defensible control choices. The course includes practical micro labs, short case reviews, and lightweight Technical Mathematical Computation (TMC) exercises to build applied reasoning. No prerequisites.

10 CPEs

Total Credits

10 Hours

Course Length

Back to Programs

NOTE: This course is required for all Programs.

CORE Courses

SBD‑400 Fundamentals

Course Description: This track establishes core Security‑by‑Design competencies for students entering the program. Learners develop proficiency with CDM system views, trust boundaries, and interface modeling; apply Cybersecurity Engineering Concepts to justify design choices; and maintain concise DRM entries that express hazards, mitigations, and measurable acceptance criteria. Emphasis is placed on traceability from threat to control to test, ensuring every decision can be explained, reproduced, and validated in review.

10 CPEs

Total Credits

10 Hours

Course Length

Back to Programs

NOTE: This course is required for all Programs.

SBD‑450 Advanced

Course Description: This track advances Security‑by‑Design practice into governance, patterns, and continuous evidence capture. Students curate pattern catalogs with documented rationale and variance handling, implement policy‑as‑code and test‑as‑code gates in CI/CD, and assemble an executive outcomes brief that communicates risk deltas, coverage, and residuals. Instruction focuses on producing audit‑ready evidence and integrating SbD into delivery workflows without sacrificing velocity.

10 CPEs

Total Credits

10 Hours

Course Length

Back to Programs

NOTE: This course is required for all Programs.

What is the Exam?

Certified Professional License (CPL) - Capstone Portfolio

Description

A focused, real-world scenario that lets you prove mastery through a concise, defensible submission. The Capstone Portfolio is a solo, written, remote, and time-boxed to two weeks (10 business days) from assignment. Earlier submission is acceptable. There are no multiple-choice tests and no interviews.

What you will complete

Executive Summary (≤ 1 page): the problem, your approach, and the outcomes you expect.
Risk and Threat Snapshot: brief STRIDE notes and a compact MITRE ATT&CK technique table.
Design and Control Strategy: your patterns and controls mapped to D10S, and recognized control families.
Key Artifacts: one to two diagrams, a short validation plan, and a residual risk statement.
Defensibility Notes: assumptions, trade-offs, and rationale.
Presentation Deck: a concise 10 to 12-slide PPT with speaker notes that walks through the deliverables; export a PDF copy.

How it is evaluated
Your submission is scored on clarity of reasoning, alignment with standards, control traceability, validation rigor, and real-world feasibility. Written deliverables only.

Outcome
Successful completion satisfies the Capstone requirement for the ISAUnited Certified Professional License in your selected track.

Learn more about CPL

What Do I Get?

Your Professional License - Security by Design (CSbDP)

This is the license you earn when you pass the SbD CPL evaluation (included in the Pro Bundle). The evaluation is capstone-based—no multiple-choice exams. A successful review adds your name to the ISAUnited public registry.

Designation: Certified Security by Design Professional (CSbDP)
Evaluation: Capstone Portfolio panel review (DARES™, D10S alignment, evidence/V&V)
Included: 1 evaluation attempt with the SbD Pro Bundle
Credentialing: Digital certificate + verifiable License ID/issue date

Are you Ready?

Do you have questions about which program to choose or how the CPL works? Book a quick consult and we’ll help you or send us a message below.

Contact an Advisor

Lets Go!

Become a Knight

Acronym Library

Decode Our Alphabet Soup!

Learn here

HQ: 1-844-453-4411

Why Join ISAUnited?

Play

Become a Member Today

Membership Types

Get Involved

Technical Fellow Society Our Society is a prestigious body of seasoned experts whose leadership and counsel guide the advancement, integrity, and operations of our cybersecurity architecture and engineering mission.

ISAUnited Credentials, Certifications, & Accreditation

Click here for an overview:

Certified Professional Licenses (CPL)

Team Training & CAE Certification

Security by Design Accreditation

The School of Engineering Cyber Defense

Learning Starts Here

Professional Programs

Student Resouces

Find Your Pathway

Join Knights Nation Online school for cyber architecture & engineering—build a portfolio and follow a clear path to CPL.

ISAUnited's Defensible 10 Standards

Visit Defensible10.org Explore the open standards library, download the 2025 Draft Edition, and join the Open Season to contribute Sub-Standards that advance true cybersecurity engineering.

Security Standards

Security Controls

Security Design

Launching Fall 2025. ISAUnited’s Defensible 10 Standards offer a vendor-neutral, engineering-grade blueprint across ten core security domains for provable security by design beyond compliance.

U.S. Cyber Architecture and Engineering Report Card

Coming 2026 — Defensible Grades. Transparent scoring. Repeatable methods. Public accountability.

About

ISAUnited's Core Divisions & Programs

Cybersecurity Architecture

Cybersecurity Engineering