• Online, Self-Paced
Course Description

Security is a major concern when designing and developing a software application. In this course, you'll learn the best practices for implementing security within your applications. This includes handling authentication and passwords, validating data, handling and logging errors, ensuring file and database security, and managing memory.

Learning Objectives

Security Fundamentals

  • start the course
  • identify the goal of application security and the need to consider security issues in the design and development of software applications
  • list the guidelines for implementing security in your software development process
  • recognize the various ways that your application can develop security problems
  • identify the possible consequences of security problems

Input and Output Validation

  • identify the importance of data validation within your application
  • describe the main functions that your data validation should perform on input data
  • recognize code that follows best practices for validating input data
  • identify the importance of validating and encoding output data returned from your application
  • recognize code that follows best practices for validating output data

Authentication Management

  • recognize the importance of implementing authentication within your application and how it relates to security issues
  • identify the various resources requiring authentication and potential associated security issues
  • identify best practices for implementing authentication within your application
  • recognize best practices for creating secure passwords
  • recognize best practices for allowing users to change or recover passwords
  • identify best practices for managing and maintaining passwords

Secure Coding

  • describe best practices for safely and securely handling errors in your application
  • list information contained in logs and how to securely handle the log files your application generates
  • identify best practices for securing data that is accessible by your application
  • describe best practices for securing the uploading of files from within your application
  • describe best practices for securing database access from your application
  • identify best practices your application should use for managing memory

Practice: Best Software Security Practices

  • list the best practices for creating secure applications

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.