What you’ll learn
Design a secure functional model for a software application
Design a secure object model for a software application
Design a secure dynamic model for a software application
Design a secure system model for a software application
Design a secure threat model for a software application
This series of courses covers the foundations of software security, focusing on developing new software applications. Security is woven into the software development lifecycle (SDLC). The series thoroughly examines critical software vulnerabilities and the attacks that exploit them. It then explores strategies, including advanced testing and program analysis techniques, that can be used to discover new unknown vulnerabilities in the software. Mitigation strategies are discussed and implemented to reduce the risk of attacks against the software. The application of mitigations is not just a theoretical concept but a practical approach that can significantly strengthen the security of software systems.
In part one, we start by modeling a secure application. We walk through building a secure, functional model, secure object model, secure dynamic model, secure system model, and threat model. Each step builds on the previous steps. The process is iterative, where we revisit the models developed in the previous steps and update them with the new knowledge discovered.
Part two will look at specific mitigations used to lower the risks discovered in the earlier modeling phases. We investigate authorization and authentication, input validation and sanitization, standard web application vulnerabilities, and mitigates and database security.
Part three will look at testing the software to ensure what was developed matched the models developed in earlier phases. We will also look at penetration testing to discover vulnerabilities missed in our modeling.
Who this course is for:
This course is for anyone who can program in any programming language and wants to learn how to build more secure and robust software.
