Secure Software Development: Implementation

Learn the practical steps software developers can take, even if they have limited resources, to implement secure software.

Secure Software Development: Implementation

There is one session available:

After a course session ends, it will be archived.
Estimated 7 weeks
1–2 hours per week
Self-paced
Progress at your own speed

About this course

Skip About this course

Modern software is under constant attack, but many software developers have never been told how to effectively counter those attacks. This course works to solve that problem, by explaining the fundamentals of developing secure software. Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources to improve information security. This course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.

This course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It focuses on practical steps that you (as a developer) can take to counter the most common kinds of attacks.

This is the second of the three courses in the Secure Software Development Fundamentals Professional Certificate program, and was developed by the Open Source Security Foundation (OpenSSF), a project of the Linux Foundation focused on securing the open source ecosystem.

At a glance

  • Institution: LinuxFoundationX
  • Subject: Computer Science
  • Level: Introductory
  • Prerequisites:

    We presume that the student already knows how to develop software to some degree.

What you'll learn

Skip What you'll learn
  • Implementation: You’ll learn how to implement much more secure software. This includes how to do Input validation, process data securely, call out to other programs, and send output. You’ll also learn about more specialized approaches, including some basics of cryptography and handling problems (such as error-handling code).
  • Welcome!
  • Chapter 1. Input Validation
  • Chapter 2. Processing Data Securely
  • Chapter 3. Calling Other Programs
  • Chapter 4. Sending Output
  • Final Exam (Verified Certificate track only

About the instructors

Who can take this course?

Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.