Secure Coding Practices Specialization

Name: Secure Coding Practices
Rating: 4.477516059957173 (381 reviews)

Instructors: Joubin Jabbari

What you'll learn

Practice improving the security and robustness of your programs.
Create threat models and apply basic cryptography.
Evaluate and remediate fragile C++ library code.
Exploit common types of injection problems and fix the root causes.

Skills you'll gain

Details to know

Shareable certificate

Add to your LinkedIn profile

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

Advance your subject-matter expertise

Learn in-demand skills from university and industry experts
Master a subject or tool with hands-on projects
Develop a deep understanding of key concepts
Earn a career certificate from University of California, Davis

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

Specialization - 4 course series

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

Applied Learning Project

The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.

Principles of Secure Coding

Course 115 hours4.4 (350 ratings)

What you'll learn

This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presenting robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code and we'll see many common programming problems and show their connection to writing robust, secure programs in general. We’ll examine eight design principles that govern secure coding and how to apply them to your own work. We’ll discuss how poor design choices drive implementation in coding. We’ll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.

Skills you'll gain

Category: Cybersecurity

Category: Security Engineering

Category: Secure Coding

Category: Application Security

Category: Security Software

Category: Software Engineering

Category: Software Development

Category: Product Quality (QA/QC)

Category: Quality Assurance and Control

Category: Software Design

Category: Quality Control

Category: Verification And Validation

Category: Computer Science

Category: Network Security

Category: Quality Assurance

Category: Computer Programming

Category: Programming Principles

Category: Quality Management Systems

Category: Quality Management

Identifying Security Vulnerabilities

Course 213 hours4.7 (173 ratings)

What you'll learn

This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection.

We'll also cover application authentication and session management where authentication is a major component of a secure web application and session management is the other side of the same coin, since the authenticated state of user requests need to be properly handled and run as one session. We'll learn about sensitive data exposure issues and how you can help protect your customer's data. We'll cover how to effectively store password-related information, and not to store the actual plaintext passwords. We'll participate in coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Along the way, we’ll discuss ways of watching out for and mitigating these issues and be able have some fun and exploit two different vulnerabilities in a web application that was designed to be vulnerable, called WebGoat.

Skills you'll gain

Category: Application Security

Category: Security Engineering

Category: Cybersecurity

Category: Secure Coding

Category: Authentications

Category: Identity and Access Management

Category: Security Software

Category: Information Technology Architecture

Category: Network Security

Category: Enterprise Security

Category: Data Security

Category: Vulnerability

Category: Infrastructure Security

Category: Information Technology

Category: Information Systems Security

Category: Threat Modeling

Category: Cryptography

Category: Computer Security

Category: Encryption

Category: IT Security Architecture

Identifying Security Vulnerabilities in C/C++Programming

Course 322 hours4.6 (79 ratings)

What you'll learn

Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.
Given a fragile C++ library, code a robust version.
Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.
Remediate examples of problems that apply to C/C++ interactions with the programming environment.

Skills you'll gain

Category: Security Software

Category: Cybersecurity

Category: Unix

Category: Secure Coding

Category: Security Engineering

Category: Application Security

Category: Operating Systems

Category: Information Systems Security

Category: Identity and Access Management

Category: Cryptography

Category: Vulnerability Assessments

Category: C and C++

Category: Authorization (Computing)

Category: Verification And Validation

Category: Security Testing

Category: Data Validation

Category: Linux

Category: Penetration Testing

Category: Vulnerability

Category: Cyber Security Assessment

Exploiting and Securing Vulnerabilities in Java Applications

Course 423 hours4.4 (65 ratings)

What you'll learn

Practice protecting against various kinds of cross-site scripting (XSS) attacks.
Form plans to mitigate injection vulnerabilities in your web application.
Create strategies and controls to provide secure authentication.
Examine code to find and patch vulnerable components.