Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

IBM

Application Security for Developers

IBM via edX

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Vulnerabilities can occur at any stage of software development, making it critical for developers to write secure code and maintain a secured development environment and the platform it runs on. In this course, you will learn to identify security vulnerabilities in applications and implement secure code practices to prevent events like data breaches and leaks which can significantly impact an organization’s reputation and financial condition. This course provides a comprehensive overview of security best practices that developers should follow when developing applications. You’ll gain extensive knowledge on various practices, concepts, and processes for maintaining a secure environment, including DevSecOps practices that automate security integration across the software development lifecycle (SDLC), Static Application Security Testing (SAST) for identifying security flaws, Dynamic Analysis, and Dynamic Testing, and creating a Secure Development Environment, an ongoing process for securing a network, computing resources, and storage devices both on-premise and in the cloud. This course familiarizes you with the top Open Web Application Security Project (OWASP) application security risks such as broken access controls and SQL injections and teaches you how to prevent and mitigate these threats. This course includes multiple hands-on labs to develop and demonstrate your skills and knowledge for maintaining a secure development environment.

Syllabus

Module 1 - Introduction to Security for Application Development

  • Security By Design
  • What is DevSecOps
  • Vulnerability Scanning and Threat Modeling
  • Threat Monitoring
  • Activity: Security Concepts and Terminology

Module 2: Security Testing and Mitigation Strategies

  • Introduction to Security Testing and Mitigation Strategies

  • Static Analysis

  • Hands-on Lab: Using Static Analysis

  • Dynamic Analysis

  • Hands-on Lab: Using Dynamic Analysis

  • Code Review

  • Vulnerability Analysis

  • Hands-on Lab: Evaluating Vulnerability Analysis

  • Runtime Protection

  • Software Component Analysis
  • Hands-on Lab: Evaluate Software Component Analysis
  • Continuous Security Analysis

Module 3: OWASP Application Security Risks

  • Intro to OWASP (Top 10) Sec Vulnerabilities
  • OWASP Top 1-3
  • OWASP Top 4-6
  • OWASP Top 7-10
  • SQL Injections
  • Other Types of SQL Injection Attacks
  • Hands-on Lab: Understanding SQL Injections
  • Cross Site Scripting
  • Hands-on Lab: Cross Site Scripting
  • Storing Secrets Securely
  • Hands-on Lab: Storing Secrets Securely

Module 4: Security Best Practices

  • Code Practices
  • Hands-on Lab: Code Practices
  • Dependencies
  • Hands-on Lab: Dependencies
  • Secure Development Environment
  • Hands-on Lab: Secure Development Environment

Module 5: Final Exam

Taught by

John Rofrano

Reviews

Start your review of Application Security for Developers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.