Developing Secure Software (LFD121)

Full Details
Level
Price
Common Core
Images
No items found.

Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. This course starts by discussing the basics of cybersecurity, such as what risk management really means. It discusses how to consider security as part of the requirements of a system, and what potential security requirements you might consider. This first part of the course then focuses on how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. It also considers how to secure your software supply chain, that is, how to more securely select and acquire reused software (including open source software) to enhance security. The second part of this course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It focuses on practical steps that you (as a developer) can take to counter the most common kinds of attacks. The third part of the course discusses how to verify software for security. In particular, it discusses the various static and dynamic analysis approaches, as well as how to apply them (e.g., in a continuous integration pipeline). It also discusses more specialized topics, such as the basics of how to develop a threat model and how to apply various cryptographic capabilities.

Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security.

Full Details
Formats: 
Part of resource: 
Posted 
Jul 2023
This resource has religious influence.

Similar resources

About The Linux Foundation

The key to a successful open technology project is to ensure a neutral playing field for all developers, technologists, and companies to collectively contribute to project evolution and growth. The Linux Foundation was built on the idea of the democratization of code and scaling adoption, for all projects equally. Expert legal and governance support programs ensure everyone is on the same playing field.

More by The Linux Foundation

thumbnail
WebAssembly Components: From Cloud to Edge (LFD134)
WebAssembly Components: From Cloud to Edge (LFD134)
College & Adult
thumbnail
Threat Modeling: The Essentials Toolkit (SKF201)
Threat Modeling: The Essentials Toolkit (SKF201)
College & Adult
thumbnail
Besu Essentials: Creating a Private Blockchain Network (LFS176x)
Besu Essentials: Creating a Private Blockchain Network (LFS176x)
College & Adult
thumbnail
Linux システム管理基礎 (LFS207-JP)
Linux システム管理基礎 (LFS207-JP)
College & Adult
thumbnail
Machine Learning & AI Introduction (RXM402)
Machine Learning & AI Introduction (RXM402)
College & Adult
thumbnail
Retrieval Augmented Generation (RAG) Introduction (RXM403)
Retrieval Augmented Generation (RAG) Introduction (RXM403)
College & Adult