This course teaches you to implement secure coding practices and identify security vulnerabilities in applications to prevent data breaches and leaks, protecting your organization's reputation and financial stability. Vulnerabilities can arise at any stage of software development, making it crucial for developers to write secure code and maintain a secure development environment.

You’ll gain a comprehensive overview of security best practices that developers should follow when creating applications. The course covers a range of practices, concepts, and processes for maintaining a secure environment. You will learn about DevSecOps practices that automate security integration across the Software Development Lifecycle (SDLC), Static Application Security Testing (SAST) for identifying security flaws, and dynamic analysis and testing.

The course also emphasizes creating a secure development environment, focusing on securing networks, computing resources, and storage devices both on-premise and in the cloud. You'll become familiar with the top 10 Open Web Application Security Project (OWASP) application security risks, such as broken access controls and SQL injections, and learn how to prevent and mitigate these threats.

Hands-on labs are included to help you develop and demonstrate your skills and knowledge in application security. Enroll now!

Learning Outcomes

Showcase your understanding of security testing procedures and how effective coding practices and mitigation strategies reduce risk.
Implement security principles throughout various stages of the Software Development Lifecycle (SDLC).
Describe security by design principles and apply them to develop applications that integrate security from the ground up.
Apply defensive coding techniques that adhere to Open Web Application Security Project (OWASP) principles to build secure applications.

Course Syllabus

Module 1 - Introduction to Security for Application Development

Module Introduction and Learning Objectives
Video: Security by Design
Video: What is DevSecOps?
Reading: Summary and Highlights: Introduction to DevSecOps
Practice Quiz: Introduction to DevSecOps
Video: The OSI Model
Video: Securing Layers for Application Development
Video: Security Patterns
Video: TLS/SSL
Video: What is OpenSSL?
Hands on Lab: Using OpenSSL to Encrypt and Decrypt Files
Reading: Summary and Highlights: Understanding the Role of Network Security
Practice Quiz: Understanding the Role of Network Security
Video: Vulnerability Scanning and Threat Modeling
Video: Threat Monitoring
Video: Security Concepts and Terminology
Reading: Getting Started with Network and Port Scanning with Nmap
Hands on Lab: Scanning a Network Environment with Nmap
Reading: Summary and Highlights - Inspecting Security in Application Development
Practice Quiz: Inspecting Security in Application Development
Cheat Sheet: Introduction to Security for Application Development
Module 1 Glossary: Introduction to Security for Application Development
Graded Quiz: Introduction to Security for Application Development

Module 2: Security Testing and Mitigation Strategies

Module Introduction and Learning Objectives
Video: Introduction to Security Testing and Mitigation Strategies
Hands-on Lab: Using Static Analysis
Video: Dynamic Analysis
Hands-on Lab: Using Dynamic Analysis
Reading: Summary and Highlights - Introduction to Security Testing and Mitigation Strategies
Practice Quiz: Introduction to Security Testing and Mitigation Strategies
Video: Code Review
Video: Vulnerability Analysis
Video: Demo Video: Evaluating Vulnerability Analysis
Hands-on Lab: Evaluate Software Component Analysis
Video: Runtime Protection (4:28)
Video: Software Component Analysis (5:01)
Reading: Evaluate Software component analysis
Hands-on Lab: Evaluate Software Component Analysis
Video: Continuous Security Analysis (3:45)
Reading: Summary and Highlights - Implementing Key Analysis in Applications
Practice Quiz: Implementing Key Analysis in Applications
Cheat Sheet: Security Testing and Mitigation Strategies
Module 2 Glossary: Security Testing and Mitigation Strategies

Module 3: OWASP Application Security Risks

Intro to OWASP (Top 10) Sec Vulnerabilities
OWASP Top 1-3
OWASP Top 4-6
OWASP Top 7-10
Reading: Discover Code Vulnerabilities with Snyk (SAST) Free Tool
Hands on Lab: Discover Code Vulnerabilities with Snyk (SAST) Free Tool
Summary and Highlights: Introducing OWASP Top 10
Practice Quiz: Introducing OWASP Top 10
SQL Injections
Other Types of SQL Injection Attacks
Video: Demo Video: Example of an SQL Injection (7:29)
Hands-on Lab: Understanding SQL Injections
Cross Site Scripting
Hands-on Lab: Cross Site Scripting
Storing Secrets Securely
Hands-on Lab: Storing Secrets Securely
Reading: Summary and Highlights: Diving Deeper into OWASP
Practice Quiz: Diving Deeper into OWASP
Cheat Sheet: OWASP Application Security Risks
Module 3 Glossary: OWASP Application Security Risks
Graded Quiz: OWASP Application Security Risks

Module 4: Security Best Practices

Code Practices
Hands-on Lab: Code Practices
Dependencies
Video: Secure Development Environment
Hands-on Lab: Secure Development Environment
Reading: Summary and Highlights - Code Development Practices
Practice Quiz: Code Development Practices
Cheat Sheet: Security Best Practices
Module 4 Glossary: Security Best Practices
Graded Quiz: Security Best Practices
Practice Lab: Security Vulnerability Scan and Fix
Final Lab: Scan and Fix Vulnerabilities
Graded Quiz: Final Project
Final Assessment

Course Wrap up

Glossary: Application Security for Developers
Reading: Congratulations and Next Steps
Reading:Thanks from the Course Team

General Information

This course is self-paced.
This platform works best with current versions of Chrome, Edge, Firefox, Internet Explorer, or Safari.

Recommended Skills Prior to Taking this Course

Software Engineering principles
Working knowledge of Python

Security for Software Engineers

Language

Topic

Skills You Will Learn

Offered By

Estimated Effort

Platform

Last Update