Application Security for Developers

Learn to identify security vulnerabilities in applications and implement secure code practices to prevent events like data breaches and leaks. Become familiar with DevSecOps practices and with SAST for identifying security flaws.


There is one session available:

219 already enrolled!
After a course session ends, it will be archived.
Starts Dec 19

5 weeks
8–10 hours per week
Self-paced
Progress at your own speed
Free
Optional upgrade available

About this course

Vulnerabilities can occur at any stage of software development, making it critical for developers to write secure code and maintain a secure development environment and the platform it runs on. In this course, you will learn to identify security vulnerabilities in applications and implement secure code practices to prevent events like data breaches and leaks, which can significantly impact an organization’s reputation and financial condition.

This course provides a comprehensive overview of security best practices that developers should follow when developing applications. You’ll gain extensive knowledge of various practices, concepts, and processes for maintaining a secure environment, including DevSecOps practices that automate security integration across the software development lifecycle (SDLC); Static Application Security Testing (SAST) for identifying security flaws; Dynamic Analysis and Dynamic Testing; and creating a Secure Development Environment, an ongoing process for securing a network, computing resources, and storage devices both on-premises and in the cloud.

This course familiarizes you with the top Open Web Application Security Project (OWASP) application security risks, such as broken access controls and SQL injections, and teaches you how to prevent and mitigate these threats. It includes multiple hands-on labs to develop and demonstrate your skills and knowledge for maintaining a secure development environment.

At a glance

  • Institution: IBM
  • Subject: Computer Science
  • Level: Intermediate
  • Prerequisites: Only basic computer literacy is required.

What you'll learn

  • Demonstrate your knowledge of security testing procedures and describe how coding practices and other mitigation strategies help reduce risk.

  • Apply security concepts to various stages of the Software Development Lifecycle (SDLC).

  • Explain security by design, and develop applications using security by design principles.

  • Perform defensive coding that follows Open Web Application Security Project (OWASP) principles.

Module 1: Introduction to Security for Application Development

  • Security By Design

  • What is DevSecOps

  • Vulnerability Scanning and Threat Modeling

  • Threat Monitoring

  • Activity: Security Concepts and Terminology

Module 2: Security Testing and Mitigation Strategies

  • Intro to Security Testing and Mitigation Strategies

  • Static Analysis

  • Dynamic Analysis

  • Hands-on Lab: Using Static and Dynamic Analysis

  • Code Review

  • Vulnerability Analysis

  • Evaluating Vulnerability Analysis

  • Runtime Protection

  • Software Component Analysis

  • Hands-on Lab: Evaluate Software Component Analysis

  • Continuous Security Analysis

Module 3: OWASP

  • Intro to OWASP

  • OWASP Top 1-3

  • OWASP Top 4-6

  • OWASP Top 7-10

  • SQL Injections

  • Hands-on Lab: Understanding SQL Injections

  • Software and Data Integrity Failures: Cross Site Scripting

  • Hands-on Lab: Software and Data Integrity Failures: Cross Site Scripting

  • Storing Secrets Securely

  • Lab: Storing Secrets Securely

  • App ID

Module 4: Security Best Practices

  • Code Practices

  • Hands-on Lab: Code Practices

  • Dependencies

  • Hands-on Lab: Dependencies

  • Secure Development Environment

  • Hands-on Lab: Secure Development Environment

Module 5: Final Exam

About the instructors

Who can take this course?

Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.
