This 13-video course explores software protection by applying secure development and coding practices. Learners will examine secure coding key concepts, including early and frequent testing, and how to validate to ensure it is the proper kind of data, and the proper size, type, and format. First, the course demonstrates how to set up a simple filtering statement to improve software security. You will learn how to constrain user input, by implementing a drop-down box or radio buttons. You will also learn the top 10 rules established by CERT (Computer Emergency Response Team) for secure programming, and how to operationalize secure software deployments, as well as continuous secure delivery to quickly update changes and upgrades. Learners will explore verification, and secure validation software metrics to measure and improve software. You will learn to use C# code, evaluate both secure and unsecure parts, for the web and Windows code, and learn to secure code with Python. Finally, you will learn to secure code with Java.
describe the importance of and how to apply practices from the CERT Top 10 list including validating input, paying attention to compiler warnings, secure design, coding for simplicity, and the principle of default deny
describe the importance of and how to apply practices from the CERT Top 10 list including the principle of least privileges, sanitizing data, defense in depth, implementing quality assurance, and adhering to standards
deploy software in a safe and secure manner
apply delivery in a secure manner on an ongoing or continuous basis
implement security verification and validation in software projects
describe and utilize metrics appropriate for software security
recognize and analyze C# examples of secure code
recognize and analyze Python examples of secure code
recognize and analyze Java examples of secure code