IBM - Application Security for Developers and DevOps Professionals
- Offered by Coursera
Application Security for Developers and DevOps Professionals at Coursera Overview
Duration | 17 hours |
Start from | Start Now |
Total fee | Free |
Mode of learning | Online |
Difficulty level | Intermediate |
Official Website | Explore Free Course |
Credential | Certificate |
Application Security for Developers and DevOps Professionals at Coursera Highlights
- Earn a certificate from IBM
- Add to your LinkedIn profile
- 14 quizzes
Application Security for Developers and DevOps Professionals at Coursera Course details
- What you'll learn
- Explain security by design, learn to develop applications using security by design principles; perform defensive coding following OWASP principles.
- Describe IBM cloud container vulnerability; perform vulnerability scanning and pen testing with Kali Linux.
- Describe what to look for in app performance; perform troubleshooting using logging, stack trace, and log analytics.
- Discuss concepts like Golden Signals; list tools for monitoring and troubleshooting; and test monitoring in action with Prometheus and Grafana.
- How vulnerable are your applications to security risks and threats? This course will help you identify vulnerabilities and monitor the health of your applications and systems. You will examine and implement secure code practices to prevent events like data breaches and leaks, and discover how practices like monitoring and observability can keep systems safe and secure.
- You will gain extensive knowledge on various practices, concepts, and processes for maintaining a secure environment, including DevSecOps practices that automate security integration across the software development lifecycle (SDLC), Static Application Security Testing (SAST) for identifying security flaws, Dynamic Analysis, and Dynamic Testing. You will also learn about creating a Secure Development Environment, both on-premise and in the cloud. You will explore the Open Web Application Security Project (OWASP) top application security risks, including broken access controls and SQL injections.
- Additionally, you will learn how monitoring, observability, and evaluation ensure secure applications and systems. You will discover the essential components of a monitoring system and how application performance monitoring (APM) tools aid in measuring app performance and efficiency. You will analyze the Golden Signals of monitoring, explore visualization and logging tools, and learn about the different metrics and alerting systems that help you understand your applications and systems.
- Through videos, hands-on labs, peer discussion, and the practice and graded assessments in this course, you will develop and demonstrate your skills and knowledge for creating and maintaining a secure development environment.
Application Security for Developers and DevOps Professionals at Coursera Curriculum
Introduction to Security for Application Development
Course Introduction
Security by Design
What is DevSecOps?
The OSI Model
Securing Layers for Application Development
Security Patterns
TLS/SSL
What is OpenSSL?
Vulnerability Scanning and Threat Modeling
Threat Monitoring
Security Concepts and Terminology
Summary & Highlights - Introduction to DevSecOps
Summary and Highlights - Understanding the Role of Network Security
Getting Started with Network and Port Scanning with Nmap
Summary and Highlights - Inspecting Security in Application Development
Introduction to DevSecOps
Understanding the Role of Network Security
Inspecting Security in Application Development
Graded Quiz: Introduction to Security for Application Development
Hands on Lab: Using OpenSSL to Encrypt and Decrypt Files
Hands on Lab: Scanning a Network Environment with Nmap
Cheat Sheet: Introduction to Security for Application Development
Module 1 Glossary: Introduction to Security for Application Development
Security Testing and Mitigation Strategies
Introduction to Security Testing and Mitigation Strategies
Static Analysis
Dynamic Analysis
Code Review
Vulnerability Analysis
Demo Video: Evaluating Vulnerability Analysis
Runtime Protection
Software Component Analysis
Continuous Security Analysis
Summary & Highlights - Introduction to Security Testing and Mitigation Strategies
Summary & Highlights - Implementing Key Analysis in Applications
Introduction to Security Testing and Mitigation Strategies
Implementing Key Analysis in Applications
Graded Quiz: Security Testing and Mitigation Strategies
Hands-on Lab: Using Static Analysis
Hands-on Lab: Using Dynamic Analysis
Hands-on Lab: Evaluating Vulnerability Analysis
Hands-on Lab: Evaluate Software Component Analysis
Reading: Evaluate Software component analysis
Cheat Sheet: Security Testing and Mitigation Strategies
Module 2 Glossary: Security Testing and Mitigation Strategies
OWASP Application Security Risks
Intro to OWASP (Top 10) Sec Vulnerabilities
OWASP Top 1-3
OWASP Top 4-6
OWASP Top 7-10
Demo Video: Snyk (SAST) Free Tool
SQL Injections
Other Types of SQL Injection Attacks
Demo Video: Example of an SQL Injection
Cross Site Scripting
Storing Secrets Securely
Discover Code Vulnerabilities with Snyk (SAST) Free Tool
Summary & Highlights - Introducing OWASP Top 10
Summary & Highlights - Diving Deeper into OWASP
Practice Quiz: Introducing OWASP Top 10
Diving Deeper into OWASP
Graded Quiz: OWASP Application Security Risks
Hands-on Lab: Understanding SQL Injections
Hands-on Lab: Cross Site Scripting
Hands-on Lab: Storing Secrets Securely
Hands on Lab: Discover Code Vulnerabilities with Snyk (SAST) Free Tool
Reading: Cross Site Scripting
Cheat Sheet: OWASP Application Security Risks
Module 3 Glossary: OWASP Application Security Risks
Security Best Practices, Final Project, and Assessment
Code Practices
Dependencies
Secure Development Environment
Summary & Highlights - Code Development Practices
Congratulations and Next Steps
Thanks from the Course Team
Code Development Practices
Graded Quiz: Security Best Practices
Graded Quiz: Final Project
Final Assessment
Hands-on Lab: Code Practices
Hands-on Lab: Secure Development Environment
Reading: CodeQL Analysis
Cheat Sheet: Security Best Practices
Module 4 Glossary: Security Best Practices
Practice Lab: Security Vulnerability Scan and Fix
Final Lab: Scan and Fix Vulnerabilities
Glossary: Application Security for Developers and DevOps Professionals