Packt
Fundamentals of Secure Software
Packt

Fundamentals of Secure Software

Included with Coursera Plus

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

9 hours to complete
3 weeks at 3 hours a week
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

9 hours to complete
3 weeks at 3 hours a week
Flexible schedule
Learn at your own pace

What you'll learn

  • Explore OWASP Top 10 and defend against those vulnerabilities

  • Learn to perform a threat model on an application

  • Perform a vulnerability scan of an application

  • Understand how to correct common security vulnerabilities in code

Details to know

Shareable certificate

Add to your LinkedIn profile

Recently updated!

August 2024

Assessments

10 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Placeholder
Placeholder

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

Placeholder

There are 10 modules in this course

In this module, we will introduce you to the fundamentals of application security. You'll learn essential terms and definitions, understand the core objectives of application security, and get a practical demonstration of OWASP WebGoat, a tool designed to teach web security through hands-on exercises.

What's included

4 videos1 reading1 assignment

In this module, we will delve into the OWASP Top 10 and additional security concerns. You'll learn about the most critical web application security risks, the SANS Top 25 software errors, and the various threat actors involved. We will also cover defense-in-depth strategies, introduce proxy tools for testing, demonstrate Fiddler with JuiceShop, and discuss the principles of API security.

What's included

7 videos1 assignment

In this module, we will explore each of the OWASP Top 10 security risks in depth. You'll gain an understanding of broken access control, cryptographic failures, injection, and insecure design. We will also cover security misconfigurations, the risks of vulnerable components, identification and authentication failures, software and data integrity issues, security logging and monitoring failures, and server-side request forgery.

What's included

10 videos1 assignment

In this module, we will focus on defensive strategies and tools to enhance application security. You will learn how to install and configure OWASP ZAP, run security scans, and understand cross-site scripting. We'll cover implementing Content Security Policy, various security models, and using software composition analysis. Additionally, you'll explore the Security Knowledge Framework (SKF) through explanations and demos, and learn the essentials of performing secure code reviews.

What's included

11 videos1 assignment

In this module, we will cover the essential aspects of session management. You'll learn about best practices in session management, the workings of web sessions, and the role of JSON Web Tokens. We'll provide a detailed example of JWT, explain the OAuth protocol, and discuss OpenID and OpenID Connect, highlighting their importance in secure authentication and authorization processes.

What's included

6 videos1 assignment

In this module, we will explore risk rating and threat modeling methodologies. You'll gain an understanding of the importance of risk rating and learn how to perform it effectively. We'll introduce you to threat modeling, covering different types and techniques, including manual threat modeling. Additionally, we will prepare you for and demonstrate the use of the Microsoft Threat Model tool, providing a comprehensive approach to identifying and mitigating security threats.

What's included

8 videos1 assignment

In this module, we will delve into the core concepts of encryption and hashing. You'll learn about the importance and applications of encryption, explore different use cases, and gain an understanding of hashing principles. We'll also cover the Public Key Infrastructure (PKI) and its role in security, along with best practices for secure password management. Practical demonstrations will enhance your understanding of hashing and password management techniques.

What's included

7 videos1 assignment

In this module, we will explore essential frameworks and processes critical to application security. You'll learn about the regulatory requirements of HIPAA and PCI DSS, understand the roles and methodologies of DevOps, and be introduced to DevSecOps for integrating security into the development process. Additionally, we will examine various use, abuse, and misuse cases to understand potential threats and their mitigation strategies.

What's included

5 videos1 assignment

In this module, we will cover various security scanning and testing methodologies to ensure robust application security. You will learn about SAST and see a demonstration using Spot Bugs, understand the applications of DAST and IAST, and explore the benefits of RASP. We will also introduce Web Application Firewalls (WAF), explain the critical role of penetration testing, and discuss the importance of Software Composition Analysis (SCA) for securing open-source software components.

What's included

8 videos1 assignment

In this module, we will review the important concepts learned throughout the course. You'll get a recap of key application security practices and principles, reinforcing the importance of implementing these strategies in your work. This module will also encourage you to continue learning and staying updated on the latest in application security to ensure robust and effective protection for your applications.

What's included

1 video1 assignment

Instructor

Packt - Course Instructors
Packt
375 Courses25,243 learners

Offered by

Packt

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

New to Security? Start here.

Placeholder

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Frequently asked questions