Secure Coding Practices Specialization

12,349 enrolled

Secure Coding Practices Specialization

Included with Coursera Plus

Learn more

4 course series

Get in-depth knowledge of a subject

4.5

(387 reviews)

Intermediate level

Some related experience required

Flexible schedule

2 months at 10 hours a week

Earn a career credential

Share your expertise with employers

4 course series

Get in-depth knowledge of a subject

4.5

(387 reviews)

Intermediate level

Some related experience required

Flexible schedule

2 months at 10 hours a week

Earn a career credential

Share your expertise with employers

Overview

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

Applied Learning Project

The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.

Practice improving the security and robustness of your programs.
Create threat models and apply basic cryptography.
Evaluate and remediate fragile C++ library code.
Exploit common types of injection problems and fix the root causes.

What’s included

Shareable certificate

Add to your LinkedIn profile

Taught in English

24 practice exercises

Advance your subject-matter expertise

Learn in-demand skills from university and industry experts
Master a subject or tool with hands-on projects
Develop a deep understanding of key concepts
Earn a career certificate from University of California, Davis

Specialization - 4 course series

Principles of Secure Coding

Course 115 hours4.4 (369 ratings)View course

What you'll learn

This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presenting robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code and we'll see many common programming problems and show their connection to writing robust, secure programs in general. We’ll examine eight design principles that govern secure coding and how to apply them to your own work. We’ll discuss how poor design choices drive implementation in coding. We’ll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.

Skills you'll gain

Category: Secure Coding

Category: Programming Principles

Category: Computer Programming

Category: Debugging

Category: Software Engineering

Category: Software Development Methodologies

Category: Computational Logic

Category: Software Design

Category: Application Security

Identifying Security Vulnerabilities

Course 213 hours4.7 (176 ratings)View course

What you'll learn

This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection.

We'll also cover application authentication and session management where authentication is a major component of a secure web application and session management is the other side of the same coin, since the authenticated state of user requests need to be properly handled and run as one session. We'll learn about sensitive data exposure issues and how you can help protect your customer's data. We'll cover how to effectively store password-related information, and not to store the actual plaintext passwords. We'll participate in coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Along the way, we’ll discuss ways of watching out for and mitigating these issues and be able have some fun and exploit two different vulnerabilities in a web application that was designed to be vulnerable, called WebGoat.

Skills you'll gain

Category: Application Security

Category: Encryption

Category: Authentications

Category: Cryptography

Category: Secure Coding

Category: Open Web Application Security Project (OWASP)

Category: Web Applications

Category: Data Security

Category: Threat Modeling

Category: Vulnerability Assessments

Category: Data Validation

Identifying Security Vulnerabilities in C/C++Programming

Course 322 hours4.6 (80 ratings)View course

What you'll learn

Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.
Given a fragile C++ library, code a robust version.
Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.
Remediate examples of problems that apply to C/C++ interactions with the programming environment.

Skills you'll gain

Category: Secure Coding

Category: Unix

Category: Data Validation

Category: OS Process Management

Category: Cryptography

Category: Linux

Category: Encryption

Category: File Management

Category: User Accounts

Category: Shell Script

Category: Vulnerability Assessments

Category: Application Security

Category: C (Programming Language)

Category: Verification And Validation

Exploiting and Securing Vulnerabilities in Java Applications

Course 423 hours4.4 (65 ratings)View course

What you'll learn

Practice protecting against various kinds of cross-site scripting (XSS) attacks.
Form plans to mitigate injection vulnerabilities in your web application.
Create strategies and controls to provide secure authentication.
Examine code to find and patch vulnerable components.

Skills you'll gain

Category: Open Web Application Security Project (OWASP)

Category: Secure Coding

Category: JSON

Category: Authentications

Category: Application Security

Category: Dependency Analysis

Category: Vulnerability Scanning

Category: Security Testing

Category: Security Strategy

Category: Security Controls

Category: Authorization (Computing)

Category: Vulnerability Assessments

Category: Java Programming

Category: Java

Category: Vulnerability Management

Category: Code Review

Category: Patch Management

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructors

Joubin Jabbari

University of California, Davis

1 Course8,376 learners

Sandra Escandor-O'Keefe

University of California, Davis

1 Course14,737 learners

Matthew Bishop, PhD

University of California, Davis

2 Courses27,451 learners

Offered by

University of California, Davis

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Learn more

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Explore degrees

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Learn more

Frequently asked questions

It is intended to be able to complete in 4-5 months, but you may want to give yourself more time to work through the many activities outlined in the various courses.

Familiar with the Software Development Lifecycle.
Fluent in one or more coding languages (including web front-end development languages.)
For Java course, Fluent in Java.
For C/C++ course, Fluent in C/C++.

We recommend you begin with Principles of Secure Coding and then move to Identifying Security Vulnerabilities. The other two courses can be taken in either order.

Secure Coding Practices Specialization

Overview

Skills you'll gain

Tools you'll learn

What’s included

Advance your subject-matter expertise