• Length:
    7 Weeks
  • Effort:
    1–2 hours per week
  • Price:

    FREE
    Add a Verified Certificate for $199 USD

  • Institution
  • Subject:
  • Level:
    Introductory
  • Language:
    English
  • Video Transcript:
    English
  • Course Type:
    Self-paced on your time

Associated Programs:

Prerequisites

We presume that the student already knows how to develop software to some degree.

About this course

Skip About this course

Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.

This course discusses the basics of security, such as what risk management really means. It discusses how to consider security as part of the requirements of a system, and what potential security requirements you might consider. This part then discusses how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. It also discusses how to secure your software supply chain, that is, how to more securely select and acquire reused software (including open source software) to enhance security.

This is the first of the three courses in the Secure Software Development Fundamentals Professional Certificate program, and was developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem. The training courses included in this program focus on practical steps that you (as a developer) can take to counter most common kinds of attacks.

What you'll learn

Skip What you'll learn
  • Security basics: risk management, the “CIA” triad, and requirements.
  • Secure design principles: what are principles such as “least privilege” and how to apply these principles.
  • Supply chain evaluation: tips on how to choose packages to reuse, and how to reuse them so that you can rapidly be alerted & update.
  • Welcome!
  • Security Basics
  • Secure Design Principles
  • Reusing External Software
  • Final Exam (Verified track only)

Meet your instructors

David A. Wheeler
Director of Open Source Supply Chain Security
The Linux Foundation

Pursue a Verified Certificate to highlight the knowledge and skills you gain
$199 USD

View a PDF of a sample edX certificate
  • Official and Verified

    Receive an instructor-signed certificate with the institution's logo to verify your achievement and increase your job prospects

  • Easily Shareable

    Add the certificate to your CV or resume, or post it directly on LinkedIn

  • Proven Motivator

    Give yourself an additional incentive to complete the course

  • Support our Mission

    EdX, a non-profit, relies on verified certificates to help fund free education for everyone globally

Who can take this course?

Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. EdX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.