Secure Software Development
Verification and More Specialized Topics
Secure Software Development Fundamentals,
Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.
This course discusses how to verify software for security. In particular, it discusses the various static and dynamic analyses approaches, as well as how to apply them (e.g., in a continuous integration pipeline). It also discusses more specialized topics, such as the basics of how to develop a threat model and how to apply various cryptographic capabilities.
This is the third of the three courses in the Secure Software Development Fundamentals Professional Certificate program, and was developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem. The training courses included in this program focus on practical steps that you (as a developer) can take to counter most common kinds of attacks.
What you'll learn
- Security Verification: How to examine software, include some key tool types, and how to apply them in continuous integration (CI). This includes learning about security code scanners/static application security testing (SAST) tools, software component analysis (SCA)/dependency analysis tools, fuzzers, and web application scanners.
- Threat modeling/Attack modeling: How to consider your system from an attacker’s point of view and how to apply a simple design analysis approach called STRIDE.
- Fielding: How to deploy and operate secure software, handle vulnerability reports, and how to rapidly update when reused components have publicly-known vulnerabilities.
- Assurance cases & formal methods: The basics of approaches to more strongly analyze and justify that your software is secure.
Get a Reminder
Rating | Not enough ratings |
---|---|
Length | 7 weeks |
Effort | 7 weeks, 1–2 hours per week |
Starts | On Demand (Start anytime) |
Cost | $199 |
From | The Linux Foundation via edX |
Instructor | David A. Wheeler |
Download Videos | On all desktop and mobile devices |
Language | English |
Subjects | Programming |
Tags | Computer Science |
Get a Reminder
Similar Courses
Careers
An overview of related careers and their average salaries in the US. Bars indicate income percentile.
Program Manager, TSA Secure Flight $83k
Deputy Convoy Commander Office Of Secure Transportation $98k
Software Developer / Software QA $102k
IT / Software Developer $102k
Software Engineer u2013 Software Developer $108k
Software Developer, EDGAR Software Group $111k
Assistant Sector Controller, Secure Interface $112k
Secure System Analyst $112k
Software 3 $120k
Sector Controller, Secure Interface $138k
Security Researcher (McAfee SECURE) $154k
Software Scientist 2 $318k
Write a review
Your opinion matters. Tell us what you think.
Please login to leave a review
Rating | Not enough ratings |
---|---|
Length | 7 weeks |
Effort | 7 weeks, 1–2 hours per week |
Starts | On Demand (Start anytime) |
Cost | $199 |
From | The Linux Foundation via edX |
Instructor | David A. Wheeler |
Download Videos | On all desktop and mobile devices |
Language | English |
Subjects | Programming |
Tags | Computer Science |
Similar Courses
Sorted by relevance
Like this course?
Here's what to do next:
- Save this course for later
- Get more details from the course provider
- Enroll in this course