Programming Foundations: Secure Coding (2018)
1h 35mBeginner2024-12-09
Authors

Frank P Moley III
Senior Principal Engineer at Catch&Release
Course details
Learn how to incorporate security into the software development life cycle. Move security into your design and build phases by identifying common insecure code issues and embracing the mindset of a security professional. In this course, security architect Frank Moley provides a basic understanding of secure coding practices. Learn how to understand your attackers and risks and mitigate issues at critical junctures in your code, including thick app, client, and server interactions. Plus, explore how to prevent unauthorized access and data leaks with authentication and cryptography. Frank closes with an overview of security in each phase of the software development life cycle, and next steps for strengthening the security posture of your applications.
Learning objectives
Understanding attackers and risks
Documenting your risks
Issues related to web client–server interactions
Issues related to thick app and client–server interactions
Authorization and cryptography issues
Implementing security in each phase of the software development life cycle
Learning objectives
Understanding attackers and risks
Documenting your risks
Issues related to web client–server interactions
Issues related to thick app and client–server interactions
Authorization and cryptography issues
Implementing security in each phase of the software development life cycle
Skills covered
Software Development SecurityPersonaCybersecurity
Concepts
0. Introduction
- 01 - Implement secure code with your team
- 02 - What you need to know
1. Security and Risk Overview
- 03 - The goal of secure coding
- 04 - Understand an attacker
- 05 - Break what you build
- 06 - Understand your risks
- 07 - Document what you understand
2. Web Client Server Interaction Code Issues
- 08 - Input validation issues
- 09 - Communication channel issues
- 10 - Session management issues
3. Thick App and Client-Server Interaction Issues
- 11 - Error handling issues
- 12 - Logging and output issues
- 13 - Internal data management issues
- 14 - Configuration issues
- 15 - Database issues
- 16 - File and I O issues
- 17 - Memory management issues
- 18 - Dependency issues
4. Crypto and Security Misuse Issues
- 19 - Authentication and password issues
- 20 - Authorization and access control issues
- 21 - Cryptography issues
5. Security in the SDLC
- 22 - Embrace security in design
- 23 - Embrace security in development
- 24 - Embrace security in testing
- 25 - Embrace security in deployment
- 26 - Implement best practices
Glossaries
Conclusion
- 27 - Next steps
Related courses
- Programming Foundations: Secure Coding
- AI Product Development: Secure by Design
- The AI-Driven Software Developer: Optimize, Innovate, Transform
- Debugging in C#
- Programming Foundations: APIs and Web Services
- Programming Foundations: Web Security (2019)
- Programming Foundations: Web Security
- Protecting Your Software with Component Analysis
Related learn paths
- Become a Programmer: Foundations
- Explore a Career in Application Security
- Develop Your Skills in Agile Software Development
- Advance your Node.js Skills
- Become a Software Developer
- Prepare for the MTA: Software Development Fundamentals Exam (98-361)
- Java Foundations Professional Certificate by JetBrains
- C# Foundations: From Basics to Building Blocks