Introduction:
Over 80% of security breaches exploit software vulnerabilities, yet most teams address security after the code is written, leaving organizations at risk. The Cyber Secure Coder (CSC) course empowers software developers, testers, and architects to build secure, resilient applications by integrating security into every phase of the software development lifecycle.
The CertNexus Cyber Secure Coder (CSC) program guides you through the entire software development lifecycle, emphasizing a security-by-design approach to reduce the risk of security defects, misconfiguration, and vulnerabilities that can undermine your code. Through hands-on labs and real-world scenarios, you’ll learn to eliminate vulnerabilities, find and correct security defects, and design a secure architecture for both new and deployed software. CSC-210 covers secure coding practices, vulnerability assessment, threat modeling, and strategies for maintaining software security long after deployment.
Objectives:
This course provides the skills and strategies to create secure software and manage risk at every stage. You will learn to:
- Employ secure software development best practices
- Identify security requirements for your projects
- Eliminate vulnerabilities and misconfigurations in code
- Use a security-by-design approach to architect secure systems
- Protect users and sensitive data with common controls
- Apply testing methods to find and fix security defects
- Maintain deployed software to ensure ongoing security
Course Outline:
1 – Identify Security Requirements and Expectations
- Security throughout the development process
- Business, compliance, and user requirements
- Identifying factors undermining software security
- Recognizing vulnerabilities and attack patterns
- Gathering vulnerability intelligence
2 – Handling Vulnerabilities
- Addressing software defects and misconfiguration
- Managing risks from third-party code
- Handling human factors and social engineering
- Improving development process security
3 – Designing for Security
- Applying secure design principles (OWASP, defense in depth, least privilege)
- Threat modeling and risk assessment
- Identifying and countering specific threats
4 – Developing Secure Code
- Secure coding best practices and checklists
- Avoiding common programming errors (buffer overflows, input validation, etc.)
- Preventing platform, privacy, and web/mobile vulnerabilities
5 – Implementing Common Protections
- Access control, authentication, and session management
- Protecting data in transit and at rest (encryption, PKI)
- Secure error handling, logging, and output restrictions
- Preventing SQL injection and securing database access
6 – Testing Software Security
- Security testing phases and strategies
- Static and dynamic code analysis
- Automated tools for vulnerability detection
7 – Maintaining Security in Deployed Software
- Monitoring and logging applications
- Ongoing patch management and maintenance
- Secure deprovisioning and uninstallation
Price: $2,085.00