Free

Secure Coding

In the Secure Coding training course, Sunny Wear will show you how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, & Resource Management.
9
32
M
Time
intermediate
difficulty
10
ceu/cpe

Course Content

Part 5 JS redirect Lab

4m

Module 10 OWASP Top 10 A10 Unvalidated Redirects and Forwards
Part 4 Defenses

4m

Module 10 OWASP Top 10 A10 Unvalidated Redirects and Forwards
Part 3 Unvalidated URLs Demo

5m

Module 10 OWASP Top 10 A10 Unvalidated Redirects and Forwards
Part 2 Explanations

4m

Module 10 OWASP Top 10 A10 Unvalidated Redirects and Forwards
Part 1 Intro

1m

Module 10 OWASP Top 10 A10 Unvalidated Redirects and Forwards
Part 5 WebGoat Library CVSS Lab

4m

Module 09 OWASP Top 10 A9 Using Components with Known Vulns
Part 4 Defenses

5m

Module 09 OWASP Top 10 A9 Using Components with Known Vulns
Part 3 Libraries & CVSS Demo

5m

Module 09 OWASP Top 10 A9 Using Components with Known Vulns
Part 2 Explanations

5m

Module 09 OWASP Top 10 A9 Using Components with Known Vulns
Part 1 Intro

1m

Module 09 OWASP Top 10 A9 Using Components with Known Vulns
Part 6 CSRF Lab Solution

5m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 5 CSRF Defenses

7m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 4 Entropy Demo

7m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 3 CSRF JS Demo

8m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 2 Explanations

7m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 1 Intro

1m

Module 08 OWASP Top 10 A8 Cross-site Request Forgery
Part 5 Missing FL AC Lab

5m

Module 07 OWASP Top 10 A7 Missing Function Level Access Control
Part 4 Defenses

7m

Module 07 OWASP Top 10 A7 Missing Function Level Access Control
Part 3 Role Demo

4m

Module 07 OWASP Top 10 A7 Missing Function Level Access Control
Part 2 Explanations

14m

Module 07 OWASP Top 10 A7 Missing Function Level Access Control
Part 1 Intro

1m

Module 07 OWASP Top 10 A7 Missing Function Level Access Control
Part 6 Defenses

11m

Module 06 OWASP Top 10 A6 Sensitive Data Exposure
Part 5 HTMLS Web Storage Demo

8m

Module 06 OWASP Top 10 A6 Sensitive Data Exposure
Part 4 HiddenPages Demo

5m

Module 06 OWASP Top 10 A6 Sensitive Data Exposure
Part 3 Comments Demo

3m

Module 06 OWASP Top 10 A6 Sensitive Data Exposure
Course Description

The virtual machine shown in the course is not offered by Cybrary and will not be provided.

What is Secure Coding?

Secure coding is the method in which developers write code for software or applications so that it’s protected from various types of vulnerabilities, risks, and cyberattacks. Secure coding is sometimes also called secure programming.

The main principle of secure coding is to assist software developers, engineers, and other relevant professionals in anticipating potential issues and accounting for those challenges in the design of the application or program. This principle is supported by multiple strategies, including validating input, which makes sure that input is from trusted sources, and checking for buffer overflow vulnerability. Generally speaking, with secure coding, developers strive to create a secure user interface that minimizes loopholes, backdoors, and other vulnerabilities that may appeal to cybercriminals.

Why is Secure Coding Important?

As technology and the IT security community become more aware of common cyberattack and hacking strategies, it’s essential that organizations look for platforms and devices with security measures built in. As a result, using secure coding practices to find and mitigate vulnerabilities is extremely important for the protection of an organization’s sensitive data. When vulnerabilities exist in finished code, they can be exploited by cyber attackers. Developing secure code makes it much more difficult for cybercriminals to hack code and gain access to systems and applications, thus reducing the risk of data breaches.

What Does this Secure Coding Training Entail?

In this Secure Coding training course, learners will be introduced to secure coding best practices, lab tools, the OWASP (Open Web Application Security Project) top ten web application security risks, and SANS Common Weakness Enumeration (CWE) 25 most dangerous software weaknesses, threat modeling, and active defenses of secure coding.

The course is considered to be of intermediate difficulty. While there are no prerequisites for this training, basic coding knowledge is recommended before taking the course. Total time for Secure Coding training is nine and a half hours, for which students will earn ten CEU/CPE and a Certificate of Completion.

What Are OWASP Secure Coding Practices?

Standards for secure coding and best practices allow developers to create and improve software and applications securely. Following these standards and best practices ensures that vulnerabilities that cybercriminals may exploit are minimized.

There are numerous ways to develop applications and software securely. One way is by following the OWASP secure coding checklist. It is a checklist of best practices for securing the code on applications but can also be applied as a security protocol for every software deployment platform and software development life cycle as well. The checklist of secure coding practices has multiple prevention techniques by which attack damages can be reduced and/or mitigated.

Why Learn Secure Coding Practices with Cybrary?

Knowing secure coding practices is an important skill for today’s cybersecurity professionals and learning them is simple with Cybrary. Our training courses are self-paced and online, making it easy and convenient for busy IT professionals to learn new skills even with their busy schedules.

The Secure Coding training course is a great way for learners to add knowledge to their professional toolbox, enhance their careers, and become even more valuable to employers.

This course is part of a Career Path:
No items found.

Instructed by

Instructor
Sunny Wear

I am SOA and Enterprise Architect for all designs and development using an Enterprise Service Bus (ESB) by vendor Sonic/Progress Software. I provide Security Architecture standards as well for our line of business.

Provider
Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a Secure Coding Certificate of Completion