We may earn an affiliate commission when you visit our partners.
Course image
David A. Wheeler

現代のソフトウェアは常に攻撃を受けていますが、多くのソフトウェア開発者は、それらの攻撃に効果的に対処する方法を教わったことがありません。このコースでは、この問題を解決するために、セキュアなソフトウェアを開発するための基本的な知識を解説します。このコースは、ソフトウェア開発者、DevOpsプロフェッショナル、ソフトウェア技術者、Webアプリケーション開発者、およびセキュアなソフトウェアの開発方法を学ぶことに関心のある人を対象としており、情報セキュリティを改善するために、限られたリソースでも実行可能な実践的なステップに重点を置いています。このコースでは、ソフトウェア開発者が、攻撃を成功させるのが格段に難しいシステムを開発し、維持すること、攻撃が成功した場合の被害を減らすこと、潜在的な脆弱性を速やかに修復できるよう対応を迅速化することができるようになることを目指します。

このコースでは、入力検証(なぜ許可リストを使用し、拒否リストを使用しないかなど)、セキュアなデータ処理、他のプログラムの呼び出し、出力の送信、エラー処理など、実装上の重要な問題に焦点を当てます。このコースでは、最も一般的な種類の攻撃に対処するために、(開発者として)あなたが取ることができる実践的なステップに重点を置いています。

Read more

現代のソフトウェアは常に攻撃を受けていますが、多くのソフトウェア開発者は、それらの攻撃に効果的に対処する方法を教わったことがありません。このコースでは、この問題を解決するために、セキュアなソフトウェアを開発するための基本的な知識を解説します。このコースは、ソフトウェア開発者、DevOpsプロフェッショナル、ソフトウェア技術者、Webアプリケーション開発者、およびセキュアなソフトウェアの開発方法を学ぶことに関心のある人を対象としており、情報セキュリティを改善するために、限られたリソースでも実行可能な実践的なステップに重点を置いています。このコースでは、ソフトウェア開発者が、攻撃を成功させるのが格段に難しいシステムを開発し、維持すること、攻撃が成功した場合の被害を減らすこと、潜在的な脆弱性を速やかに修復できるよう対応を迅速化することができるようになることを目指します。

このコースでは、入力検証(なぜ許可リストを使用し、拒否リストを使用しないかなど)、セキュアなデータ処理、他のプログラムの呼び出し、出力の送信、エラー処理など、実装上の重要な問題に焦点を当てます。このコースでは、最も一般的な種類の攻撃に対処するために、(開発者として)あなたが取ることができる実践的なステップに重点を置いています。

このコースは、「セキュア ソフトウェア開発の基礎」のプロフェッショナル認定プログラムの3つのコースのうちの2つ目のコースで、オープンソースのエコシステムのセキュリティにフォーカスしたLinux FoundationのプロジェクトであるOpen Source Security Foundation(OpenSSF)によって開発されたものです。

What's inside

Learning objective

実装:よりセキュアなソフトウェアを実装する方法を学びます。これには、入力検証、セキュアなデータ処理、他のプログラムへの呼び出し、出力の送信などが含まれます。また、暗号の基礎や問題の処理(エラー処理コードなど)など、より専門的なアプローチについても学びます。

Syllabus

ようこそ!
第1章 入力検証
第2章 データの安全な処理
第3章 他のプログラムの呼び出し
Read more
第4章 出力の送信
最終問題(ベリファイドトラックのみ)

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Requires no prerequisites, making it a good starting point for beginners
Emphasizes vulnerability remediation, important for software security

Save this course

Save セキュア ソフトウェア開発:実装 to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in セキュア ソフトウェア開発:実装 with these activities:
Secure Programming Tutorial
Supplement your understanding of secure coding by following along with an online tutorial that provides practical examples and exercises.
Browse courses on Secure Programming
Show steps
  • Search for a reputable tutorial on secure programming in your preferred programming language.
  • Follow the steps outlined in the tutorial.
  • Complete the exercises and quizzes to test your comprehension.
Input Validation Practice
Sharpen your input validation skills by completing a series of practice exercises that test your ability to prevent malicious input from compromising your code.
Browse courses on Input Validation
Show steps
  • Find online resources or practice platforms that provide input validation exercises.
  • Solve the exercises, paying attention to different types of input validation techniques.
  • Review your solutions and identify areas where you can improve your approach.
Peer Review: Secure Function Implementation
Enhance your code security and understanding by engaging in peer review sessions where you share your secure function implementations and provide feedback to others.
Browse courses on Peer Review
Show steps
  • Pair up with a classmate or find a study group that values peer learning.
  • Implement a secure function based on the course material.
  • Share your implementation with your peer and request their review.
  • Provide constructive feedback on your peer's implementation, focusing on security aspects.
Two other activities
Expand to see all activities and additional details
Show all five activities
Security Blog Post
Solidify your knowledge by creating a blog post that summarizes key concepts of secure software development, sharing your insights and best practices.
Browse courses on Software Security
Show steps
  • Choose a specific topic related to secure software development that you find interesting.
  • Research and gather information from reliable sources, including the course materials.
  • Write a well-structured blog post that explains the topic in a clear and engaging manner.
  • Share your blog post with the class or a wider audience to receive feedback and engage in discussions.
Security Workshop: Attack and Defense
Immerse yourself in a hands-on workshop where you can simulate real-world attacks and learn effective defense mechanisms, deepening your understanding of software security.
Browse courses on Software Security
Show steps
  • Identify and register for a relevant security workshop or conference.
  • Actively participate in the workshop, engaging in discussions and hands-on exercises.
  • Collaborate with experts and peers to learn about the latest threats and defense strategies.

Career center

Learners who complete セキュア ソフトウェア開発:実装 will develop knowledge and skills that may be useful to these careers:
Network Security Engineer
Network Security Engineers design, implement, and maintain security measures for computer networks. They work with organizations to protect their networks from attack. This course can help Network Security Engineers by providing them with the knowledge and skills they need to develop more effective security measures for computer networks. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure networks.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to protect their computer systems and networks from attack. They work with organizations to identify and mitigate security risks. This course can help Security Consultants by providing them with the knowledge and skills they need to develop more effective security measures. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure systems.
Cloud Security Engineer
Cloud Security Engineers design, implement, and maintain security measures for cloud-based systems. They work with organizations to protect their cloud-based data and applications from attack. This course can help Cloud Security Engineers by providing them with the knowledge and skills they need to develop more effective security measures for cloud-based systems. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure cloud-based systems.
Penetration Tester
Penetration Testers attempt to hack into computer systems and networks to identify and exploit vulnerabilities. They work with organizations to improve their security posture. This course can help Penetration Testers by providing them with the knowledge and skills they need to develop more effective penetration tests. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure systems.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information assets. They work with organizations to identify and mitigate security risks. This course can help Information Security Analysts by providing them with the knowledge and skills they need to develop more effective security measures. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure systems.
DevOps Engineer
DevOps Engineers work with software developers and operations teams to ensure that software is developed and deployed securely. They use their knowledge of software development, operations, and security to create and maintain secure software systems. This course can help DevOps Engineers by providing them with the knowledge and skills they need to develop and deploy more secure software. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure software.
Security Engineer
Security Engineers design, implement, and maintain security systems. They work with organizations to protect their computer systems and networks from attack. This course can help Security Engineers by providing them with the knowledge and skills they need to develop more effective security systems. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure systems.
Security Analyst
Security Analysts plan and implement security measures to protect computer systems and networks. They work with organizations to identify and mitigate security risks. This course can help Security Analysts by providing them with the knowledge and skills they need to develop more effective security measures. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure systems.
Software Engineer
Software Engineers design, develop, test, and maintain software systems. They use their knowledge of programming languages, software development tools, and computer science fundamentals to create software that meets the needs of users. This course can help Software Engineers by providing them with the knowledge and skills they need to develop more secure software. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure software.
Systems Analyst
Systems Analysts analyze and design computer systems. They work with users to determine their needs and then design systems that meet those needs. This course can help Systems Analysts by providing them with the knowledge and skills they need to design more secure systems. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for designing secure systems.
Computer Forensics Analyst
Computer Forensics Analysts investigate computer crimes and security breaches. They work with law enforcement and other organizations to collect and analyze evidence. This course can help Computer Forensics Analysts by providing them with the knowledge and skills they need to develop more effective computer forensic investigations. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for collecting and analyzing evidence.
Machine Learning Engineer
Machine Learning Engineers design, develop, and maintain machine learning models. They work with organizations to use machine learning to solve problems and make predictions. This course can help Machine Learning Engineers by providing them with the knowledge and skills they need to develop more secure machine learning models. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure machine learning models.
Web Developer
Web Developers design, develop, and maintain websites. They use their knowledge of programming languages, web development tools, and design principles to create websites that meet the needs of users. This course can help Web Developers by providing them with the knowledge and skills they need to develop more secure websites. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure websites.
Mobile Developer
Mobile Developers design, develop, and maintain mobile applications. They use their knowledge of programming languages, mobile development tools, and design principles to create mobile applications that meet the needs of users. This course can help Mobile Developers by providing them with the knowledge and skills they need to develop more secure mobile applications. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure mobile applications.
Data Scientist
Data Scientists use data to solve problems and make predictions. They work with organizations to collect, analyze, and interpret data. This course can help Data Scientists by providing them with the knowledge and skills they need to develop more secure data science models. The course covers topics such as input validation, secure data processing, and output sanitization, which are all essential for developing secure data science models.

Reading list

We've selected six books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in セキュア ソフトウェア開発:実装.
セキュアなソフトウェア開発のライフサイクルを網羅した書籍で、このコースと合わせて読むことで、セキュアなソフトウェア開発の包括的な理解が得られます。
C/C++言語におけるセキュアコーディングに特化した書籍で、脆弱性対策のためのベストプラクティスを網羅しています。このコースで扱う実装上の問題の理解を深めるのに役立ちます。
開発者向けのセキュアコーディングのガイドブックで、一般的な攻撃手法とその防御策を詳細に解説しています。このコースの補完的な資料として適しています。
暗号化エンジニアリングの包括的なガイドブックで、このコースで扱う暗号の基礎理解を深めるのに役立ちます。
分散システムのセキュリティに関するガイドブックで、このコースで扱うセキュアなソフトウェア開発の背景理解に役立ちます。

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to セキュア ソフトウェア開発:実装.
セキュア ソフトウェア開発:要件、設計、再利用
Most relevant
セキュア ソフトウェア開発:検証、専門的トピック
Most relevant
Next.js × shadcn/ui × Supabaseで本格的なWebアプリ開発を学ぶフルスタック講座
Most relevant
【フォーム開発実践】認証やお問い合わせフォームをNext.js/RHF/zod等のモダン技術を使って開発する実践講座
Most relevant
通訳者が教える 英語筋肉の鍛え方と使い方 / 誰でも英語が話せるようになる発音練習法A to Zその4・発音編
Most relevant
【Stripe決済実践】Next.jsとSupabaseで動画レッスン販売アプリを作りながらStripeを学ぶ実践講...
Most relevant
【初心者向け】直感的にわかる!Arduino(アルディーノ)で初めての電子工作 / デジタル回路設計 の基礎を学ぼう
Most relevant
Gemini for end-to-end SDLC - 日本語版
Most relevant
英語リスニング力UP! 【日本人のためのアメリカ英語発音講座 Vol.1】
Most relevant
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser