Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Software Development Tools No-Code Development
Business
Entrepreneurship Communication Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certifications Network & Security Hardware Operating Systems & Servers Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Learning Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Amazon AWS CompTIA Security+ Cisco CCNA Microsoft AZ-900
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Canva Design Theory Character Design
Life Coach Training Personal Development Neuro-Linguistic Programming Personal Transformation Mindfulness Life Purpose Meditation CBT Coaching
Web Development JavaScript React Angular CSS Django PHP Node.Js WordPress
Google Flutter Android Development iOS Development React Native Swift Dart (programming language) Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Marketing Strategy Google Ads (AdWords) Certification Internet Marketing YouTube Marketing Google Analytics Email Marketing
Microsoft Power BI SQL Tableau Business Analysis Data Modeling Business Intelligence MySQL Data Analysis Blockchain
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Freelancing Business Plan Startup Online Business Blogging Home Business
Unity Unreal Engine Game Development Fundamentals C# 3D Game Development C++ Unreal Engine Blueprints 2D Game Development Mobile Game Development
30-Day Money-Back Guarantee
IT & Software Other IT & Software Generic Programming

Secure Coding - Secure application development

Methodologies and tools to develop secure applications
Rating: 3.8 out of 53.8 (755 ratings)
1,320 students
Created by Gianluca Golinelli
Last updated 1/2021
English
English, Spanish
30-Day Money-Back Guarantee

What you'll learn

  • Secure programming of application code
  • Main vulnerabilities inherent in applications
  • Secure coding
  • Owasp methodologies and standards
  • Understand how to mitigate and not introduce vulnerabilities in applications
  • Web Application Security

Requirements

  • Knowledge of programming languages

Description

The course is suitable for programmers, project managers or software architects and provides indications on the methodological bases, standards (as Owasp best practices) and tools for developing secure code, avoiding the inclusion of bugs or vulnerabilities in the programs. Various practical workshops are carried out to support the theoretical treatment, which show the use of the tools and the mitigation of some of the vulnerabilities most frequently found in web or desktop applications.

Who this course is for:

  • Software developers
  • Project managers
  • Software architects

Course content

8 sections • 40 lectures • 2h 33m total length

  • Preview03:16
  • Preview04:24

  • Preview02:53
  • Risk analysis
    04:11
  • Threat modeling
    06:31
  • Threat modeling - exercise
    03:03
  • SAST (Static Application Security Testing) tools
    03:10
  • The OWASP community
    02:30
  • Guidelines for secure coding
    02:00
  • Verification test
    7 questions

  • Introduction to the HTTP protocol
    07:14
  • Owasp Penetration Testing Guide
    01:47
  • Help tools for VAPT activities
    07:10
  • Lab: using Burp proxy to test web applications
    17:01

  • Secure Coding guidelines for input validation
    02:25
  • SQL Injection vulnerability
    03:54
  • SQL Injection vulnerability Lab
    03:50
  • LDAP and XPath Injection vulnerabilities
    03:53
  • Cross-Site Scripting (XSS) vulnerability
    04:00
  • Cross-Site Scripting (XSS) vulnerability Lab
    03:33
  • OS Command Injection vulnerability
    02:47
  • OS Command Injection vulnerability Lab
    04:43
  • LFI (Local File Inclusion) and RFI (Remote File Inclusion) vulnerabilities
    02:37
  • LFI / RFI vulnerabilities Lab
    03:53
  • Unvalidated File Upload vulnerability
    01:19
  • Unvalidated File Upload vulnerability Lab
    04:22
  • Buffer Overflow vulnerabilities
    04:38
  • XXE (XML External Entities) Vulnerabilities
    02:47
  • XXE (XML External Entities) Lab
    04:37
  • Insecure Deserialization
    02:26
  • Verification test
    7 questions

  • Authentication mechanisms
    05:31
  • Guidelines for authentication and password management
    01:38
  • Attacks on authentication
    02:07

  • Introduction to Session Management in Web Applications
    03:44
  • Session Management best practices
    01:56
  • XSRF (Cross-site Request Forgery) Attack
    02:43

  • Introduction to cryptography and guidelines for using encryption
    02:21
  • Symmetric cryptography
    01:56
  • Asymmetric cryptography
    04:46
  • Hashing algorithms
    04:50
  • Verification test
    9 questions

  • Links for further information
    01:00

Instructor

Gianluca Golinelli
Engineer
Gianluca Golinelli
  • 4.0 Instructor Rating
  • 908 Reviews
  • 1,845 Students
  • 6 Courses

Electronic engineer, specialized in IT security and digital forensics. EC-Council CEH certified, CHFI, CASE.NET, Certified EC-Council Instructor, CompTIA Security +, ISACA CSX-P. He has 20 years of experience in IT training for companies and institutions. He is Technical Consultant for litigation in the civil field relating to IT matters and digital forensics.

  • Udemy Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Impressum Kontakt
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
Udemy
© 2021 Udemy, Inc.