Principles of Secure Coding

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques. Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography, and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organization's information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

Created by: Matthew Bishop

Quality Score


Overall Score: 84 / 100

Course Description

This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presents robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code, see many common programming problems, and show their connection to writing robust, secure programs in general. We'll examine eight design principles that govern secure coding and how to apply them to your own work. We'll discuss how poor design choices drive implementation in coding. We'll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized, and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.

Instructor Details

Matthew Bishop

Professor Matt Bishop's research area is computer security, in which he has been active since 1979. He is especially interested in vulnerability analysis and denial of service problems, but maintains a healthy concern for formal modeling (especially of access controls and the Take-Grant Protection Model) and intrusion detection and response. He has also worked extensively on the security of various forms of the UNIX operating system. He is involved in efforts to improve education in information assurance, and is a charter member of the Colloquium for Information Systems Security Education. His textbook, Computer Security: Art and Science, was published by Addison-Wesley in December 2002.

Reviews

4.2

5 total reviews


By Divya M on 3-Sep-19

Matt Bishop is an excellent Secure Coding Trainer. I enjoyed the sessions all the way and it was totally engaging with practical examples.

By Matsukatova A on 4-Nov-19

Good Foundational Learning for secure coding.

By John F on 28-Oct-19

Very good overview of Secure Coding principles!

By R.Athindran on 13-Oct-19

Good introduction, at times the explanations are a bit dry and lengthy. A couple more real world stories would spice things up and make principles more memorable.

By Martin T on 7-Nov-19

I felt the scope of this course is too narrow and focussed mainly on a few examples in C code. I would've got more out of it and found it more interesting if the scope was broader and the examples were a higher level, perhaps written in pseudo-code.