Application Security - The Complete Guide

Developing security in the Software Development Life Cycle (SDLC)
Rating: 4.3 out of 5 (2,189 ratings)
10,803 students
Created by Derek Fisher
Last updated 8/2022
English
English [Auto]

What you'll learn

  • Learn how to become an application security champion.
  • What is the OWASP Top 10 and how to defend against those vulnerabilities.
  • Use of threat modeling to identify threats and mitigation in development features.
  • How to perform a threat model on an application.
  • How to perform a vulnerability scan of an application.
  • Rating security vulnerabilities using standard and open processes.
  • How to correct common security vulnerabilities in code.
  • How application security fits in an overall cyber security program.
  • Building security into the software development life cycle.

Requirements

  • Basic programming knowledge
  • Understanding of IT systems and how software is deployed in operational environments

Description

This course will familiarize you with the common vulnerabilities that plague developed code as outlined in publications like the OWASP Top 10 and SANS Top 25. You will understand what types of development behaviors lead to vulnerabilities and how to avoid those behaviors when creating secure code. You will learn how to perform a threat model on development features to understand what threats could impact your code, where they come from, and how to mitigate them. You will also review and operate analysis tools that are available to developers in order to analyze their code and discover vulnerabilities, allowing you to correct them early in the development life cycle. Finally, you will understand how application security fits in an overall cyber security program.

Who this course is for:

  • Software developers interested in developing more secure software.
  • Security practitioners
  • Software and security engineering leaders
  • Cyber security professionals

Featured review

Wilco K.
3 courses
3 reviews
Rating: 4.5 out of 5, a year ago
This course provides a good overview of all the aspects involved with Application Security. I am not new to this topic but it serves me well to learn about the aspects that I am less familiar with still, such as CSP, ASVS, Federation, Threat modelling & OpenID. The explanation is clear and practical examples are given each time.

Instructor

Derek Fisher
Leader, speaker, author, and instructor in cybersecurity

Derek Fisher has several decades of experience designing systems in both hardware and software, and holds a graduate degree in cybersecurity from Boston University. He continues to work professionally as a leader, university instructor, and conference speaker in the security space where he provides his insight to multiple fields and disciplines.

© 2022 Udemy, Inc.