- Cybersecurity
- Java
- secure programming
- C/C++
- Cryptography
- Authentication Methods
- Identifying vulernabilities
- C/C++ Programming
- Java Programming
- security
Offered By
What you will learn
Practice improving the security and robustness of your programs.
Create threat models and apply basic cryptography.
Evaluate and remediate fragile C++ library code.
Exploit common types of injection problems and fix the root causes.
Skills you will gain
About this Specialization
Applied Learning Project
The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.
This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.
Some related experience required.
Some related experience required.
How the Specialization Works
Take Courses
A Coursera Specialization is a series of courses that helps you master a skill. To begin, enroll in the Specialization directly, or review its courses and choose the one you'd like to start with. When you subscribe to a course that is part of a Specialization, you’re automatically subscribed to the full Specialization. It’s okay to complete just one course — you can pause your learning or end your subscription at any time. Visit your learner dashboard to track your course enrollments and your progress.
Hands-on Project
Every Specialization includes a hands-on project. You'll need to successfully finish the project(s) to complete the Specialization and earn your certificate. If the Specialization includes a separate course for the hands-on project, you'll need to finish each of the other courses before you can start it.
Earn a Certificate
When you finish every course and complete the hands-on project, you'll earn a Certificate that you can share with prospective employers and your professional network.

There are 4 Courses in this Specialization
Principles of Secure Coding
This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presenting robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code and we'll see many common programming problems and show their connection to writing robust, secure programs in general. We’ll examine eight design principles that govern secure coding and how to apply them to your own work. We’ll discuss how poor design choices drive implementation in coding. We’ll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.
Identifying Security Vulnerabilities
This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection.
Identifying Security Vulnerabilities in C/C++Programming
This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities, courses one and two, in this specialization. This course uses the focusing technique that asks you to think about: “what to watch out for” and “where to look” to evaluate and ultimately remediate fragile C++ library code.
Exploiting and Securing Vulnerabilities in Java Applications
In this course, we will wear many hats. With our Attacker Hats on, we will exploit Injection issues that allow us to steal data, exploit Cross Site Scripting issues to compromise a users browser, break authentication to gain access to data and functionality reserved for the ‘Admins’, and even exploit vulnerable components to run our code on a remote server and access some secrets. We will also wear Defender Hats. We will dive deep in the code to fix the root cause of these issues and discuss various mitigation strategies. We do this by exploiting WebGoat, an OWASP project designed to teach penetration testing. WebGoat is a deliberately vulnerable application with many flaws and we take aim at fixing some of these issues. Finally we fix these issues in WebGoat and build our patched binaries. Together we will discuss online resources to help us along and find meaningful ways to give back to the larger Application Security community.
Offered by

University of California, Davis
UC Davis, one of the nation’s top-ranked research universities, is a global leader in agriculture, veterinary medicine, sustainability, environmental and biological sciences, and technology. With four colleges and six professional schools, UC Davis and its students and alumni are known for their academic excellence, meaningful public service and profound international impact.
Frequently Asked Questions
What is the refund policy?
Can I just enroll in a single course?
Is financial aid available?
Can I take the course for free?
Is this course really 100% online? Do I need to attend any classes in person?
Will I earn university credit for completing the Specialization?
How long does it take to complete the Specialization?
What background knowledge is necessary?
Do I need to take the courses in a specific order?
More questions? Visit the Learner Help Center.