Ir al contenido principal

IBM: Application Security for Developers

Learn to identify security vulnerabilities in applications and implement secure code practices to prevent events like data breaches and leaks. Become familiar with DevSecOps practices, and SAST for identifying security flaws.

Application Security for Developers
5 semanas
8–10 horas por semana
A tu ritmo
Avanza a tu ritmo
Gratis
Verificación opcional disponible

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivadoAbre en una pestaña nueva.
Comienza el 3 may
Inscríbete
Application Security for Developers

Sobre este curso

Omitir Sobre este curso

Vulnerabilities can occur at any stage of software development, making it critical for developers to write secure code and maintain a secured development environment and the platform it runs on. In this course, you will learn to identify security vulnerabilities in applications and implement secure code practices to prevent events like data breaches and leaks which can significantly impact an organization’s reputation and financial condition. This course provides a comprehensive overview of security best practices that developers should follow when developing applications. You’ll gain extensive knowledge on various practices, concepts, and processes for maintaining a secure environment, including DevSecOps practices that automate security integration across the software development lifecycle (SDLC), Static Application Security Testing (SAST) for identifying security flaws, Dynamic Analysis, and Dynamic Testing, and creating a Secure Development Environment, an ongoing process for securing a network, computing resources, and storage devices both on-premise and in the cloud. This course familiarizes you with the top Open Web Application Security Project (OWASP) application security risks such as broken access controls and SQL injections and teaches you how to prevent and mitigate these threats. This course includes multiple hands-on labs to develop and demonstrate your skills and knowledge for maintaining a secure development environment.

De un vistazo

  • Language English
  • Video Transcripts اَلْعَرَبِيَّةُ, Deutsch, English, Español, Français, हिन्दी, Bahasa Indonesia, Português, Kiswahili, తెలుగు, Türkçe, 中文
  • Associated skillsSQL Injection, Vulnerability, Development Environment, Systems Development Life Cycle, Storage Devices, Open Web Application Security Project (OWASP), Software Development Life Cycle, Software Development, Dynamic Program Analysis, DevSecOps, Application Security, Network Computing, Access Controls, Static Application Security Testing (SAST)

Lo que aprenderás

Omitir Lo que aprenderás

  • Demonstrate your knowledge of security testing procedures and describe how coding practices and other mitigation strategies help reduce risk.

  • Apply security concepts to various stages of the Software Development Lifecycle (SDLC).

  • Explain security by design, and develop applications using security by design principles.

  • Perform defensive coding that follow Open Web Application Security Project (OWASP) principles.

Plan de estudios

Omitir Plan de estudios

Module 1 - Introduction to Security for Application Development

  • Security By Design
  • What is DevSecOps
  • Vulnerability Scanning and Threat Modeling
  • Threat Monitoring
  • Activity: Security Concepts and Terminology

Module 2: Security Testing and Mitigation Strategies

  • Introduction to Security Testing and Mitigation Strategies

  • Static Analysis

  • Hands-on Lab: Using Static Analysis

  • Dynamic Analysis

  • Hands-on Lab: Using Dynamic Analysis

  • Code Review

  • Vulnerability Analysis

  • Hands-on Lab: Evaluating Vulnerability Analysis

  • Runtime Protection
  • Software Component Analysis
  • Hands-on Lab: Evaluate Software Component Analysis
  • Continuous Security Analysis

Module 3: OWASP Application Security Risks

  • Intro to OWASP (Top 10) Sec Vulnerabilities
  • OWASP Top 1-3
  • OWASP Top 4-6
  • OWASP Top 7-10
  • SQL Injections
  • Other Types of SQL Injection Attacks
  • Hands-on Lab: Understanding SQL Injections
  • Cross Site Scripting
  • Hands-on Lab: Cross Site Scripting
  • Storing Secrets Securely
  • Hands-on Lab: Storing Secrets Securely

Module 4: Security Best Practices

  • Code Practices
  • Hands-on Lab: Code Practices
  • Dependencies
  • Hands-on Lab: Dependencies
  • Secure Development Environment
  • Hands-on Lab: Secure Development Environment

Module 5: Final Exam

¿Quién puede hacer este curso?

Lamentablemente, las personas residentes en uno o más de los siguientes países o regiones no podrán registrarse para este curso: Irán, Cuba y la región de Crimea en Ucrania. Si bien edX consiguió licencias de la Oficina de Control de Activos Extranjeros de los EE. UU. (U.S. Office of Foreign Assets Control, OFAC) para ofrecer nuestros cursos a personas en estos países y regiones, las licencias que hemos recibido no son lo suficientemente amplias como para permitirnos dictar este curso en todas las ubicaciones. edX lamenta profundamente que las sanciones estadounidenses impidan que ofrezcamos todos nuestros cursos a cualquier persona, sin importar dónde viva.

Este curso es parte del programa DevOps and Software Engineering Professional Certificate

Más información 
Instrucción por expertos
15 cursos de capacitación
A tu ritmo
Avanza a tu ritmo
1 año 1 mes
7 - 9 horas semanales

Formas de realizar este curso

Elige tu camino al inscribirte.

Verified Track

Audit Track

Costo

99 US$

Free

Acceso a los materiales del curso

Ilimitado

Limitado

Caduca el 7 jun

World class institutions and universities

Asistencia de edX

Certificado para compartir al finalizar

Tareas con calificación y exámenes

Visita la sección de Preguntas frecuentesen una pestaña nueva con preguntas frecuentes sobre estas modalidades.

¿Te interesa este curso para tu negocio o equipo?

Capacita a tus empleados en los temas más solicitados con edX para Negocios.
ComprarSolicitar información