Secure Software Coding

Course Description:

Secure coding is becoming increasingly important due to various emerging threats. Although many of the existing secure coding best practices are programming language and domain‐specific, there are also language and domain‐neutral knowledge to be obtained by software developers. This course focuses on this attainment of comprehensive but practical secure coding knowledge. By exposing the audience tall the major secure coding concepts and tools available today, the primary goal of this course is to quickly improve the attendees’ overall security quality of coding practices and to prepare for learning more language and application‐specific secure coding techniques.

Format: Asynchronous
Nominal duration: Self-paced Learning – Approximate Time: 167 minutes
Professional Development Hours (PDH) : 2.8
Continuing Education Credits (CEU) : 0.28

Module 1: Introduction to Secure Coding
Significance/importance of secure coding [8, 11]
Secure coding terminology [7, 12, 13]
Secure coding principles [10, 15, 18, 20, 21]
Threat modeling
Secure coding resources (both online and offline) [14]

Module 2: Vulnerabilities and Exploits
Buffer overflows
SQL injection [2, 19]
Cross‐Site Scripting (XSS) [4, 9]
Broken authentication and session management
Insecure direct object references
Security misconfiguration
Sensitive data exposure

Module 3: Countermeasures
Secure coding standards [3]
Secure coding best practices/patterns [1, 16]
Intercepting validators
Session management
Password management
Access control
Error handling and logging
File management
Memory management

Module 4: Tools, Frameworks, and Services
Microsoft Secure Development Process (SDP)
Static analysis tools [17]
Dynamic analysis tools
Web application security frameworks [5, 6]
Java‐based enterprise application security frameworks
Vulnerability tracking

Module 5: Summary and Conclusion
Purchase Options
Course $135
Course $100
Course $100

Members Save!

Join the Computer Society to take advantage of member pricing.