The primary objective of this course is to teach professional computer programmers about the common methods used by hackers to exploit vulnerabilities in computer programs, and how to program defensively to avoid introducing such vulnerabilities into their own programs.
Introduction to Secure Coding
Data validation (input validation, type safe data structures)
Safe coding subsets (most languages have a defined set of safe and unsafe functions)
Deprecated functions (and why not to use them)
Safe library functions
Failsafe defaults and exception handling
Designing Secure Architecture
Secure Programming Concepts
Windows Socket Programming
Programming Port Scanners and Hacking Tools
Securing E-Commerce Applications
Software Activation, Piracy Blocking and Automatic Updates
Secure Application Testing
Writing Secure Documentation and Error Messages
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.