In this course, participants will employ best practices in software development to develop secure software.
By the end of this course, participants will:
- Identify the need for security in your software projects.
- Eliminate vulnerabilities within software.
- Use a Security by Design approach to design a secure architecture for your software.
- Implement common protections to protect users and data.
- Apply various testing methods to find and correct security defects in your software.
- Maintain deployed software to ensure ongoing security
This course includes hands on activities for each topic area. The goal of these activities is to demonstrate concepts utilizing two universal languages Python and Java Script. Developers who use alternate languages will be able apply the principles from the activities to any coding languages.
Hands on exercises are designed to keep the typing of code to a bare minimum. CertNexus provides students with all of the code they need to complete activities. The activities do not require a “deep dive” into code to understand the principles being covered.
The stakes for software security are extremely high with over 100 billion lines of software code being produced each year and 70% of code in apps composed of open-source software and third-party libraries, and yet many development teams are forced to address software security when a vulnerability has been exposed. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle.
Cyber Secure Coder, leveraging many of the OWASP Top Ten best practices, is designed to validate the knowledge and skills required to design and develop protected applications. This includes better understanding vulnerabilities that undermine security, general strategy for dealing with security defects and misconfiguration, and how to incorporate security into all phases of development.
Software developers, testers, and architects who develop in multiple programming languages for any type of platform who desire or are required to develop highly protected applications for business and organizational use.
This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy.
Pass the Cyber Secure Coder Exam
Lesson 1: Identifying the Need for Security in Your Software Projects
Topic A: Identify Security Requirements and Expectations
Topic B: Identify Factors That Undermine Software Security
Topic C: Find Vulnerabilities in Your Software
Topic D: Gather Intelligence on Vulnerabilities and Exploits
Lesson 2: Handling Vulnerabilities
Topic A: Handle Vulnerabilities Due to Software Defects and Misconfiguration
Topic B: Handle Vulnerabilities Due to Human Factors
Topic C: Handle Vulnerabilities Due to Process Shortcomings
Lesson 3: Designing for Security
Topic A: Apply General Principles for Secure Design
Topic B: Design Software to Counter Specific Threats
Lesson 4: Developing Secure Code
Topic A: Follow Best Practices for Secure Coding
Topic B: Prevent Platform Vulnerabilities
Topic C: Prevent Privacy Vulnerabilities
Lesson 5: Implementing Common Protections
Topic A: Limit Access Using Login and User Roles
Topic B: Protect Data in Transit and At Rest
Topic C: Implement Error Handling and Logging
Topic D: Protect Sensitive Data and Functions
Topic E: Protect Database Access
Lesson 6: Testing Software Security
Topic A: Perform Security Testing
Topic B: Analyze Code to find Security Problems
Topic C: Use Automated Testing Tools to Find Security Problems
Lesson 7: Maintaining Security in Deployed Software
Topic A: Monitor and Log Applications to Support Security
Topic B: Maintain Security after Deployment
Appendix A: Mapping Course Content to Cyber Secure Coder (Exam CSC-110 / 210)
There are no scheduled dates for this course. Fill out the form to check future dates or deliver the course in-house