Overview

Limited-Time Offer: Up to 75% Off Coursera Plus!

7000+ certificate courses from Google, Microsoft, IBM, and many more.

This course is designed for Cybersecurity and Application Security Specialists, IT Security Managers and System Administrators, Software Developers, as well as IT Consultants and Penetration Testers. The course will go deeper into the design process, focusing on how to create secure information system architectures. It will cover threat modeling, secure-by-design principles, and integrating security into Software Development Life Cycles (SDLC) for software developers and computer networks. It will also provide IT Managers with strategies to align security design with business needs. By the end of the course, learners should be able to design secure information system architectures that can withstand various threat scenarios.

Syllabus

Welcome and Module 1: Designing Secure-by-Design Information System Architectures

This module provides an in-depth exploration of Secure-by-Design, a security approach that differs from traditional security methods and also identifies the principles of Secure-by-Design. Next, the module compares the essential steps required to design a secure information system from the ground up, highlighting the unique considerations and practices associated with Secure-by-Design. Finally, the module delves into various security testing methods used to assess and validate the security of software designs. This includes techniques such as threat modeling, penetration testing, vulnerability scanning, and code review. By the end of this module, learners will have a comprehensive understanding of Secure-by-Design and the principles, practices, and testing methods associated with this security approach.

Module 2: Aligning Security Design with Business Needs

This module covers the topic of developing a business-centric security strategy that balances security investments with financial constraints, ensures compliance with regulations, and aligns with the organization's overarching business goals and objectives. Additionally, the module emphasizes the importance of considering operational and user experience and usability while implementing security controls. The module lists key steps involved in developing a business-centric security strategy from assessment to reviewing. By the end of this module, learners will have a comprehensive understanding of developing a security strategy that aligns with their organization's business goals while ensuring compliance and maintaining security.

Module 3: Integrating Security into Software Development Life Cycles

This module covers software security and its importance in ensuring the resilience of software systems. It identifies the potential consequences of inadequate security measures, explores security considerations across various development methodologies such as Waterfall, Agile, DevOps, and explains the steps which can be used in Software Development Life Cycle (SDLC). The module also discusses common challenges faced while incorporating security into the SDLC. By the end of this module, learners will have a comprehensive understanding of integrating security into software and be equipped with the knowledge and skills to develop a proactive security approach.