Developing Secure Software

Explore the frameworks, tools, and patterns that you need to build secure software.

Introduction

• Building security into software development
• What You Should Know

1. Understanding Software Security

• What is software security?
• Significance of software security
• Software security vocabulary
• Software security risk management
• Software Security Resources

2. Software Security Threats

• Threats to software security
• Hardware level threats
• Code level threats
• Detailed design level threats
• Architectural level threats
• Requirements level threats
• Threat modeling and tools

3. Secure Software Design

• Introduction to secure design
• Security tactics
• Security patterns
• Security vulnerabilities
• Architectural analysis for security
• Software security anti-patterns
• Case Study: Setting the Stage
• Case Study: Tactic-Oriented Architectural Analysis
• Case Study: Pattern-Oriented Architectural Analysis
• Case Study: Vulnerability-Oriented Architectural Analysis

4. Introduction to Secure Coding

• Introduction to secure coding
• Buffer overflow attacks
• Buffer overflow countermeasures
• Broken authentication and session management
• Broken authentication and session management countermeasures
• Insecure direct object references
• Insecure direct object references countermeasures
• Sensitive information exposure
• Sensitive information exposure countermeasures
• Other secure coding leading practices

5. Testing for Security

• Testing for security
• Static analysis
• Static analysis tools
• Dynamic analysis
• Dynamic analysis tools
• Penetration testing
• Penetration testing tools
• Vulnerability management
• Vulnerabilty management tools

6. Recent Developments and Future Directions

• DevOps and Software Security
• Cloud Security
• Developer-Friendly Software Security
• IoT and Software Security
• Rules and regulations
• Software security certifications

7. Conclusion

• Next Steps for developing secure software