This course covers methods for assuring the security and functionality of existing software and services, whether legacy, internally developed, or externally acquired, with emphasis on detection of vulnerabilities and malicious content. It also discusses assurance considerations for system architectures, networks and databases in their role as underlying enablers of software operations. Methods for structuring and reverse engineering of existing software are covered, as are techniques for acquiring and assuring software and services through suppliers, service-oriented architectures and cloud computing environments. (3)