Identifying Security Vulnerabilities

2.4
2.4 rating

This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models and think critically about the threat models created by other people.

We'll learn the basics of applying cryptography such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data.

We'll gain a fundamental understanding of injection problems in web applications including the three most common types of injection problems: SQL injection cross-site scripting and command injection.

WEEK 1
5 hours to complete
Foundational Topics in Secure Programming
In this module you will gain exposure to the ideas of threat modeling and applied cryptography. By the end of the module you will be able to start to create threat models and think critically about the threat models created by other people. You will be able to apply the STRIDE Method to your threat model and distinguish the trust boundaries in a given system. You will also gain a basic understanding of applied cryptography such as encryption and secure hashing.
14 videos (Total 83 min) 3 readings 2 quizzes

WEEK 2
3 hours to complete
Injection Problems
By the end of this module you will have a fundamental understanding of injection problems in web applications. You'll be able to discuss and describe the three most common types of injection problems: SQL injection cross-site scripting and command injection. In order to drive home these concepts you will be able to work on exploiting a SQL injection vulnerability in the WebGoat application. You'll be able to formulate plans to mitigate injection problems in your applications.
17 videos (Total 87 min) 1 reading 1 quiz

WEEK 3
4 hours to complete
Problems Arising From Broken Authentication
By the end of this module you will be able to evaluate a system to determine if it follows the generally prescribed secure methods for authentication and session management in web applications. You'll be able to distinguish the relationship between authentication session management and access control. You will also be able to exploit WebGoat's authentication and session management vulnerability. As well as be able to evaluate a system to determine if it performs sufficient security logging such that non-repudiation is enforced. This will help drive the concepts that you will learn in this module.
11 videos (Total 71 min) 1 reading 1 quiz

WEEK 4
4 hours to complete
Sensitive Data Exposure Problems
By the end of this module you will understand how to effectively store password-related information and NOT to store the actual plaintext passwords. You will also have a hands on coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Ready?
9 videos (Total 36 min) 1 reading 2 quizzes


Tham gia đánh giá khóa học

Nếu bạn đã học qua khóa học này thì mời bạn tham gia đóng góp ý kiến và đánh giá để cộng đồng bạn học có thêm thông tin tham khảo.

Thời lượng: 15 hours
Ngôn ngữ giảng dạy: Tiếng Anh
Chi phí: Miễn phí / 0
Đối tượng: Intermediate

Thông tin về nhà cung cấp

Coursera (/ kərˈsɛrə /) là một nền tảng học tập trực tuyến toàn cầu được thành lập vào năm 2012 bởi 2 giáo sư khoa học máy tính của đại học Stanford là Andrew NgDaphne Koller, nền tảng này cung cấp các khóa học trực tuyến (MOOC) cho cộng đồng người học online.

Coursera hợp tác với các trường đại học danh tiếng tại Bắc Mỹ và trên khắp thế giới, cùng với nhiều tổ chức khác để cung cấp các khóa học trực tuyến chất lượng, theo chuyên ngành và được cấp chứng chỉ trong nhiều lĩnh vực như kỹ thuật, khoa học dữ liệu, học máy, toán học, kinh doanh, khoa học máy tính, tiếp thị kỹ thuật số, nhân văn, y học, sinh học, khoa học xã hội , và nhiều ngành khác.

Các khóa học cùng chủ đề

Secure Networked System with Firewall and IDS

In this MOOC we will focus on learning how network systems are secured using firewalls and IDS. This will include understanding the basic components of network security constructing a dual-firewall...

Azure Infrastructure Fundamentals

Microsoft Azure is a service created by Microsoft to provide cloud computing for creating and managing applications and services using a cloud environment. Azure provides software as a service (SaaS)...

Identifying Security Vulnerabilities in C/C++Programming

This course builds upon the skills and coding practices learned in both Principles of Secure Coding and Identifying Security Vulnerabilities courses one and two in this specialization. This course uses...

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top