
Explore reconnaissance and attacker patterns, including port checks and version discovery via headers, brute force, authentication bypass, and input validation flaws, with practical defense for robust software.
Navigate secure software development with external libraries and cloud services, and vet third-party modules, open-source risks, encryption, and least privilege to prevent data exposure.
Define security requirements and design using the CIA triad—confidentiality, integrity, and availability—while ensuring secure connections, input validation, and a symbiotic, focused, complete, unitary, and measurable approach.
Examine common security design flaws in a deliberately unsafe app, highlighting authentication and authorization weaknesses, hard-coded credentials, insecure hashing, SQL injection risks, and insecure secret management.
Explore four risk response strategies—risk avoidance, risk transfer, risk mitigation, and risk acceptance—to manage cybersecurity risks. See practical examples like outsourcing authentication and input sanitization, with cost-based decision making.
Explore how a race condition arises in Python by using threading to increment a global hits dictionary. See how unsynchronized access across 10 threads leads to the last writer wins.
learn how to remediate race conditions by using locks for synchronization, including a threading.lock example and the context manager approach, and explore related concurrency primitives.
Explore the OWASP top 10 platform vulnerabilities across web, IoT, and mobile. The lecture highlights injection, cross site scripting, broken access control, data exposure, insecure data storage, and secure updates.
Explore desktop vulnerabilities in cross-platform apps, including dynamic linking, dll injection, and shell code risks. Learn to mitigate with input validation, encryption, signing, and safe debugging practices.
Master error handling and protections by preventing and testing runtime errors, using structured exception handling, fuzzing and property-based testing, and logging to secure production environments.
Highlights why security testing matters and outlines approaches such as penetration testing, static and dynamic analysis, code reviews, and regression testing to patch weaknesses and improve secure design.
The Cyber Secure Coder (CSC-110) course is designed to provide participants with a comprehensive understanding of secure coding practices and principles. This course focuses on equipping individuals with the necessary knowledge and skills to develop secure software applications, with an emphasis on mitigating common vulnerabilities and ensuring data confidentiality, integrity, and availability.
Cyber Secure Coder will aid in developing an appropriate understanding of secure development practices and how those practices protect against various types of vulnerabilities. You will learn the types of vulnerabilities, the exploits that can occur from those vulnerabilities, and the programming practices that will help prevent exploitation in an application.
By the end of the Cyber Secure Coder (CSC-110) course, participants will have the necessary skills to develop secure software applications and integrate security practices throughout the software development life cycle. They will be able to identify and mitigate common vulnerabilities, ensuring the confidentiality, integrity, and availability of data.
Understand the importance of secure coding practices in software development.
Identify common vulnerabilities and threats in software applications.
Learn secure coding principles and best practices.
Develop skills to write secure code for various programming languages.
Implement secure coding techniques to protect against common attacks.
Apply security controls to ensure data confidentiality, integrity, and availability.
Learn how to conduct security testing and code reviews to identify vulnerabilities.
Understand the legal and ethical aspects of secure coding.