Secure Coding

This learning program is for any software developer, software tester, or software architect who wants to prevent threats and find vulnerabilities in software applications. Learn:

The mindset of security
Most common threats and vulnerabilities
Manage security risks with Threat Modeling
Apply modern design and architecture practices like Defense in Depth, Zero Trust Security, and the STRIDE model
Identify assets and use data flow diagrams to pinpoint potential vulnerabilities
Practice pen testing to step into the mindset of an attacker

Learning Program Content

Expand All

Fundamentals of Software Application Security 4 Topics

Expand

Lesson Content

0% Complete 0/4 Steps

The Need for Application Security

Understanding Attackers

Security is a Continuous Activity

Common Vulnerabilities and How to Find Them 10 Topics

Expand

Lesson Content

0% Complete 0/10 Steps

Security Mindset for Developers

OWASP Top Ten Web Vulnerabilities

OWASP Top Ten Mobile Vulnerabilities

OWASP Top Ten API Vulnerabilities

Injection Vulnerabilities

Cryptography Vulnerabilities

Server Side Request Forgery

Social Engineering

Preventing Vulnerabilities

Threat Modeling 5 Topics

Expand

Lesson Content

0% Complete 0/5 Steps

How to Build a Threat Model

Data Flow Diagram

Brainstorming Threats

The STRIDE Classification of Threats

Threat Mitigation

Cyber Defense Principles and Practices 5 Topics

Expand

Lesson Content

0% Complete 0/5 Steps

Defense In Depth Principle

Reduce the Attack Surface

Principle of Least Privilege

Zero Trust Security Model

Principle of Least Visibility

Implementation Practices for Security 4 Topics

Expand

Lesson Content

0% Complete 0/4 Steps

OWASP Application Security Verification Standard (ASVS)

Code Review and Static Code Analysis

Automated Security Tests