Secure Software Development - Part I
Published 12/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.57 GB | Duration: 2h 20m
Modeling a Secure Application
What you'll learn
Design a secure functional model for a software application
Design a secure object model for a software application
Design a secure dynamic model for a software application
Design a secure system model for a software application
Design a secure threat model for a software application
Requirements
Entry level programming skill in any language
Description
This series of courses covers the foundations of software security, focusing on developing new software applications. Security is woven into the software development lifecycle (SDLC). The series thoroughly examines critical software vulnerabilities and the attacks that exploit them. It then explores strategies, including advanced testing and program analysis techniques, that can be used to discover new, unknown vulnerabilities in the software. Mitigation strategies are discussed and implemented to reduce the risk of attacks against the software. The application of mitigations is not just a theoretical concept but a practical approach that can significantly strengthen the security of software systems.
In part one, we start by modeling a secure application. We walk through building a secure functional model, secure object model, secure dynamic model, secure system model, and threat model. Each step builds on the previous steps. The process is iterative: we revisit the models developed in the previous steps and update them with the new knowledge discovered.
Part two will look at specific mitigations used to lower the risks discovered in the earlier modeling phases. We investigate authorization and authentication, input validation and sanitization, standard web application vulnerabilities and mitigations, and database security.
Part three will look at testing the software to ensure that what was developed matches the models developed in earlier phases. We will also look at penetration testing to discover vulnerabilities missed in our modeling.
Overview
Section 1: Introduction
Lecture 1 Introduction
Section 2: Security Principles
Lecture 2 Security Principles Lecture
Section 3: Designing a Secure Functional Model
Lecture 3 Designing a Secure Functional Model Lecture
Section 4: Designing a Secure Object Model
Lecture 4 Designing a Secure Object Model Lecture
Section 5: Designing a Secure Dynamic Model
Lecture 5 Designing a Secure Dynamic Model Lecture
Section 6: Designing a Secure System Model
Lecture 6 Designing a Secure System Model
Section 7: Threat Modeling
Lecture 7 Threat Modeling
This course is for anyone who can program in any programming language and wants to learn how to build more secure and robust software.