| Published | 2022-06-09 |
| Platform | Udemy |
| Rating | 5.00 |
| Number of Reviews | 8 |
| Number of Students | 8 |
| Price | $84.99 |
| Instructors |
Edward Palumbo
Jim Sullivan
|
| Subjects |
Learn and understand development of software systems and the application of security principles to the acquisition.
Welcome to this course. Today, many security efforts look to solve security problems through controls such as firewalls, intrusion detection systems (IDSs), content filtering, antimalware software, vulnerability scanners, and much more. This reliance on a long laundry list of security technologies occurs mainly because our software contains many vulnerabilities. Our environments are commonly referred to as hard and crunchy on the outside and soft and chewy on the inside. This means our perimeter security is fortified and solid, but our internal environment and software are easy to exploit once access has been obtained. Software controls come in various flavors and have many different goals. They can control input, encryption, logic processing, number-crunching methods, interprocess communication, access, output, and interfacing with other software. Software controls should be developed with potential risks in mind, and many types of threat models and risk analyses should be invoked at different stages of development. The goals are to reduce vulnerabilities and the possibility of system compromise. The controls can be preventive, detective, or corrective. While security controls can be administrative and physical in nature, the controls used within software are usually more technical in nature. Security should be interwoven into the core of a product and provide protection at the necessary layers. This is a better approach than trying to develop a front end or wrapper that may reduce the overall functionality and leave security holes when the software has to be integrated into a production environment.
In this course we will cover the complex world of secure software development and the bad things that can happen when security is not interwoven into products properly. You will learn:
Software development life cycles
Secure software development approaches
Change control and configuration management
Security of code repositories
Database concepts and security issues
Malware types and attacks