We may earn an affiliate commission when you visit our partners.
David A. Wheeler
Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.
Read more
Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.
Read more
Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.
This course discusses the basics of security, such as what risk management really means. It discusses how to consider security as part of the requirements of a system, and what potential security requirements you might consider. This part then discusses how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. It also discusses how to secure your software supply chain, that is, how to more securely select and acquire reused software (including open source software) to enhance security.
This is the first of the three courses in the Secure Software Development Fundamentals Professional Certificate program, and was developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem. The training courses included in this program focus on practical steps that you (as a developer) can take to counter most common kinds of attacks.
Register for this course and see more details by visiting:
OpenCourser.com/course/fsid42/secure
Three deals to help you save
We found three deals and offers that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Use code at checkout.
Valid until December 4
Save on Select Programs
Stay ahead in a competitive job market and save with these programs.
Take
30%
off
EDXCYBER24
Valid for a limited time only
Future-proof your career
Access O'Reilly books, live events, courses, and more. Save with an annual subscription.
Take
15%
off
What's inside
Learning objectives
- Security basics: risk management, the “cia” triad, and requirements.
- Secure design principles: what are principles such as “least privilege” and how to apply these principles.
- Supply chain evaluation: tips on how to choose packages to reuse, and how to reuse them so that you can rapidly be alerted & update.
- Security basics: risk management, the “cia” triad, and requirements.
- Secure design principles: what are principles such as “least privilege” and how to apply these principles.
- Supply chain evaluation: tips on how to choose packages to reuse, and how to reuse them so that you can rapidly be alerted & update.
Syllabus
Welcome!
Security Basics
Secure Design Principles
Reusing External Software
Read more
Syllabus
Welcome!
Security Basics
Secure Design Principles
Reusing External Software
Read more
Final Exam (Verified track only)
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Designed for software developers, DevOps professionals, software engineers, web application developers, and others, this course will help you develop and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired
Students will learn how to design, develop and maintain secure software
Students will examine the basics of security, such as risk management, the ‘CIA’ triad, and requirements
Taught by instructors David A. Wheeler who are recognized for their work in secure software development
This course is part of the Secure Software Development Fundamentals Professional Certificate program, developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem
Save this course
Save Secure Software Development: Requirements, Design, and Reuse to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Secure Software Development: Requirements, Design, and Reuse with these
activities:
Review secure coding practices
Show steps
Sharpen your understanding of the principles and practices of secure coding to enhance the security of your software from the start.
Browse courses on
Secure Coding
Show steps
-
Review documentation on best practices for secure coding
-
Complete online tutorials or courses on secure coding
-
Practice implementing secure coding techniques in your own projects
Attend a workshop or conference on secure software development
Show steps
Gain exposure to cutting-edge research, industry best practices, and expert insights by attending specialized events on secure software development.
Show steps
-
Research upcoming workshops or conferences tailored to secure software development
-
Review the agenda and speaker lineup to identify sessions that align with your learning goals
-
Register for the event and make arrangements for travel and accommodation (if necessary)
-
Actively participate in sessions, take notes, and engage with speakers and attendees
Compile a reference guide of security resources
Show steps
Create a comprehensive resource for yourself and fellow learners by compiling a collection of valuable materials on secure software development.
Show steps
-
Gather relevant articles, tutorials, documentation, and tools on secure software development
-
Organize the resources into logical categories or sections
-
Provide brief summaries or annotations for each resource
-
Share your compilation with other students or online communities
Five other activities
Expand to see all activities and additional details
Show all eight activities
Build a secure software project using OWASP Top 10
Show steps
Gain hands-on experience in applying industry-standard security best practices by building a software project that addresses common vulnerabilities.
Browse courses on
OWASP Top 10
Show steps
-
Familiarize yourself with the OWASP Top 10 vulnerabilities
-
Choose a software project idea that incorporates various security considerations
-
Implement security measures to address each of the OWASP Top 10 vulnerabilities in your project
-
Test and evaluate the security of your project
Organize a study group or discussion forum on secure software development
Show steps
Engage with fellow learners and exchange knowledge through regular discussions and collaborative activities.
Show steps
-
Identify a group of peers who share your interest in secure software development
-
Establish a regular meeting schedule and set clear goals for each session
-
Take turns presenting on chosen topics or case studies
-
Facilitate group discussions and encourage active participation from all members
Participate as a mentor in a secure software development community
Show steps
Share your knowledge and expertise by guiding and supporting fellow learners in their journey to master secure software development.
Show steps
-
Join online forums or communities dedicated to secure software development
-
Identify opportunities to answer questions and provide guidance to other members
-
Participate in discussions and share your insights on best practices and emerging trends
Contribute to an open-source secure software development project
Show steps
Gain practical experience and make a meaningful contribution to the secure software development community by participating in open-source projects.
Show steps
-
Identify open-source projects that focus on secure software development
-
Review the project's documentation and codebase to understand its goals and architecture
-
Propose and implement improvements or new features that enhance the security of the project
-
Submit pull requests and actively engage with the project's maintainers
Participate in a bug bounty program or hacking challenge
Show steps
Put your skills to the test and challenge yourself by participating in real-world scenarios that involve finding and exploiting security vulnerabilities.
Show steps
-
Identify bug bounty programs or hacking challenges that align with your interests and skill level
-
Study the rules and guidelines carefully
-
Set realistic goals and allocate sufficient time for research and exploration
-
Submit your findings and document your approach with clear and concise reports
Review secure coding practices
Show steps
Sharpen your understanding of the principles and practices of secure coding to enhance the security of your software from the start.
Browse courses on
Secure Coding
Show steps
Show steps
Show steps
- Review documentation on best practices for secure coding
- Complete online tutorials or courses on secure coding
- Practice implementing secure coding techniques in your own projects
Attend a workshop or conference on secure software development
Show steps
Gain exposure to cutting-edge research, industry best practices, and expert insights by attending specialized events on secure software development.
Show steps
Show steps
Show steps
- Research upcoming workshops or conferences tailored to secure software development
- Review the agenda and speaker lineup to identify sessions that align with your learning goals
- Register for the event and make arrangements for travel and accommodation (if necessary)
- Actively participate in sessions, take notes, and engage with speakers and attendees
Compile a reference guide of security resources
Show steps
Create a comprehensive resource for yourself and fellow learners by compiling a collection of valuable materials on secure software development.
Show steps
Show steps
Show steps
- Gather relevant articles, tutorials, documentation, and tools on secure software development
- Organize the resources into logical categories or sections
- Provide brief summaries or annotations for each resource
- Share your compilation with other students or online communities
Five other activities
Expand to see all activities and additional details
Show all eight activities
Build a secure software project using OWASP Top 10
Show steps
Gain hands-on experience in applying industry-standard security best practices by building a software project that addresses common vulnerabilities.
Browse courses on
OWASP Top 10
Show steps
Show steps
Show steps
- Familiarize yourself with the OWASP Top 10 vulnerabilities
- Choose a software project idea that incorporates various security considerations
- Implement security measures to address each of the OWASP Top 10 vulnerabilities in your project
- Test and evaluate the security of your project
Organize a study group or discussion forum on secure software development
Show steps
Engage with fellow learners and exchange knowledge through regular discussions and collaborative activities.
Show steps
Show steps
Show steps
- Identify a group of peers who share your interest in secure software development
- Establish a regular meeting schedule and set clear goals for each session
- Take turns presenting on chosen topics or case studies
- Facilitate group discussions and encourage active participation from all members
Participate as a mentor in a secure software development community
Show steps
Share your knowledge and expertise by guiding and supporting fellow learners in their journey to master secure software development.
Show steps
Show steps
Show steps
- Join online forums or communities dedicated to secure software development
- Identify opportunities to answer questions and provide guidance to other members
- Participate in discussions and share your insights on best practices and emerging trends
Contribute to an open-source secure software development project
Show steps
Gain practical experience and make a meaningful contribution to the secure software development community by participating in open-source projects.
Show steps
Show steps
Show steps
- Identify open-source projects that focus on secure software development
- Review the project's documentation and codebase to understand its goals and architecture
- Propose and implement improvements or new features that enhance the security of the project
- Submit pull requests and actively engage with the project's maintainers
Participate in a bug bounty program or hacking challenge
Show steps
Put your skills to the test and challenge yourself by participating in real-world scenarios that involve finding and exploiting security vulnerabilities.
Show steps
Show steps
Show steps
- Identify bug bounty programs or hacking challenges that align with your interests and skill level
- Study the rules and guidelines carefully
- Set realistic goals and allocate sufficient time for research and exploration
- Submit your findings and document your approach with clear and concise reports
Career center
Learners who complete Secure Software Development: Requirements, Design, and Reuse will develop knowledge and skills
that may be useful to these careers:
Software Developer
Software Developer
Secure Software Development: Requirements, Design, and Reuse covers the fundamentals of developing secure software. As a Software Developer, this course will provide you with the knowledge and skills necessary to create and maintain systems that are more resistant to attacks and will enable you to reduce the damage when attacks are successful.
Software Engineer
Software Engineer
Secure Software Development: Requirements, Design, and Reuse provides Software Engineers with a comprehensive understanding of secure software development practices. This course covers risk management, secure design principles, and supply chain evaluation, equipping Software Engineers with the knowledge and skills needed to develop and maintain secure software systems.
Web Application Developer
Web Application Developer
The Secure Software Development: Requirements, Design, and Reuse course is highly relevant to Web Application Developers as it focuses on practical steps to improve the security of software systems. This course covers topics such as risk management, secure design principles, and supply chain evaluation, providing Web Application Developers with the knowledge and skills needed to develop more secure web applications.
DevOps Engineer
DevOps Engineer
The Secure Software Development: Requirements, Design, and Reuse course from the Linux Foundation is designed to help DevOps Engineers improve their software security skills. This course covers practical steps that can be taken to improve information security, making it an ideal choice for individuals looking to advance their careers in DevOps.
Cybersecurity Engineer
Cybersecurity Engineer
Secure Software Development: Requirements, Design, and Reuse is a valuable course for Cybersecurity Engineers as it provides a comprehensive understanding of secure software development practices. This course covers risk management, secure design principles, and supply chain evaluation, equipping Cybersecurity Engineers with the knowledge and skills needed to design and implement secure software systems.
Information Security Analyst
Information Security Analyst
The Secure Software Development: Requirements, Design, and Reuse course provides Information Security Analysts with a foundation in secure software development practices. This course covers risk management, secure design principles, and supply chain evaluation, equipping Information Security Analysts with the knowledge and skills needed to assess and mitigate software security risks.
Software Quality Assurance (QA) Engineer
Software Quality Assurance (QA) Engineer
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Software Quality Assurance (QA) Engineers as it provides a foundation in secure software development practices. This course covers risk management, secure design principles, and supply chain evaluation, which can help Software Quality Assurance (QA) Engineers improve the security of software systems.
Security Architect
Security Architect
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Security Architects as it provides a foundation in secure software development practices. This course covers risk management, secure design principles, and supply chain evaluation, which can help Security Architects design and implement more secure software systems.
Risk Manager
Risk Manager
The Secure Software Development: Requirements, Design, and Reuse course may be полезный for Risk Managers as it provides a foundation in risk management practices for software development. This course covers risk identification, assessment, and mitigation, which can help Risk Managers improve the security of software systems.
Compliance Officer
Compliance Officer
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Compliance Officers as it provides a foundation in secure software development practices. This course covers compliance requirements and best practices, which can help Compliance Officers ensure that software systems meet regulatory and industry standards.
Technical Writer
Technical Writer
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Technical Writers as it provides a foundation in secure software development practices. This course covers technical writing for security, which can help Technical Writers create clear and concise documentation that promotes secure software development.
Project Manager
Project Manager
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Project Managers as it provides a foundation in secure software development practices. This course covers project management for security, which can help Project Managers ensure that software development projects are completed on time, within budget, and to the required security standards.
Quality Assurance (QA) Analyst
Quality Assurance (QA) Analyst
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Quality Assurance (QA) Analysts as it provides a foundation in secure software development practices. This course covers testing for security, which can help Quality Assurance (QA) Analysts identify and fix security vulnerabilities in software systems.
Business Analyst
Business Analyst
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Business Analysts as it provides a foundation in secure software development practices. This course covers requirements gathering and analysis for security, which can help Business Analysts ensure that software systems meet the needs of the business while also being secure.
Product Manager
Product Manager
The Secure Software Development: Requirements, Design, and Reuse course may be useful for Product Managers as it provides a foundation in secure software development practices. This course covers product management for security, which can help Product Managers ensure that software products are secure and meet the needs of the market.
For more career information including salaries, visit:
OpenCourser.com/course/fsid42/secure
Reading list
We've selected eight books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Secure Software Development: Requirements, Design, and Reuse.
Is written in the same vein as the course, by the same lead instructor of the course, David A. Wheeler. Given that it is by the instructor, it very good reference for the course content, and the instructor will likely stick to concepts within this book.
Classic in software development, and while it is not focused specifically on security, it is one of the more applicable general-purpose books to approach software development from a professional perspective.
General-purpose reference on software security by Gary McGraw, a notable expert in the field.
Good reference for secure coding techniques in C and C++, which are common languages used in software development and are applicable to the course content, if the learner is familiar with these languages.
Discusses a mix of practical software development process and programming language concepts, which are applicable to the broader course scope. It also discusses some secure development topics.
Save
Focuses on the process of threat modeling, which useful addition to the secure design elements of this course.
General-purpose cybersecurity framework which can be applied to software development, and good reference for additional research on security best practices.
General-purpose security reference for software developers and security professionals, and while not specifically tailored to any particular course, provides a good overview of the security landscape which applies to this course.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/fsid42/secure
Share
Similar courses
Here are nine courses similar to
Secure Software Development: Requirements, Design, and Reuse.
Secure Software Development: Verification and More Specialized Topics
OpenCourser.com/course/iu1k9c/secure
Secure Software Development: Verification and More...
Most relevant
Secure Software Development: Implementation
OpenCourser.com/course/a8kqk7/secure
Secure Software Development: Implementation
Most relevant
Securing Your Software Supply Chain with Sigstore
OpenCourser.com/course/xntr3t/securing
Securing Your Software Supply Chain with Sigstore
Most relevant
Securing Your GitHub Project
OpenCourser.com/course/bxa0qg/securing
Securing Your GitHub Project
Most relevant
Home Networking Basics
OpenCourser.com/course/kh0hzy/home
Home Networking Basics
Most relevant
Software Development Security for CISSP®
OpenCourser.com/course/w02nql/software
Software Development Security for CISSP®
Designing Robust Information System Security Architectures
OpenCourser.com/course/4jy61u/designing
Designing Robust Information System Security Architectures
Secure Software Implementation for CSSLP®
OpenCourser.com/course/6vfah0/secure
Secure Software Implementation for CSSLP®
PHP 8 Web Application Security
OpenCourser.com/course/lub5gl/php
PHP 8 Web Application Security
Effort
1 to 2 hours per week for 7 weeks
Level
Introductory
Via
edX
Institution
The Linux Foundation
Instructor
David A. Wheeler
Session
December 14, 2023
- June 19, 2025
Language
English
Transcripts
English
Español
Français
Português
Deutsch
中文
العربية
हिंदी
Türkçe
తెలుగు
Bahasa Indonesia
Kiswahili
This course belongs to a
collection
called
Secure Software Development Fundamentals. It's comprised of three courses:
- Secure Software Development: Implementation
- Secure Software Development: Verification and More Specialized Topics
- Secure Software Development: Requirements, Design, and Reuse (viewing)
Good to know
Designed for software developers, DevOps professionals, software engineers, web application developers, and others, this course will help you develop and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired
Students will learn how to design, develop and maintain secure software
Students will examine the basics of security, such as risk management, the ‘CIA’ triad, and requirements
Taught by instructors David A. Wheeler who are recognized for their work in secure software development
This course is part of the Secure Software Development Fundamentals Professional Certificate program, developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser