This course is part of the Secure Coding Practices Specialization

4.4
stars
324 ratings

Matthew Bishop, PhD

15,031 already enrolled

Offered By

Secure Coding Practices SpecializationUniversity of California, Davis

About this Course

21,384 recent views

This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presenting robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code and we'll see many common programming problems and show their connection to writing robust, secure programs in general. We’ll examine eight design principles that govern secure coding and how to apply them to your own work. We’ll discuss how poor design choices drive implementation in coding. We’ll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.

Flexible deadlines

Reset deadlines in accordance to your schedule.

Shareable Certificate

Earn a Certificate upon completion

100% online

Start instantly and learn at your own schedule.

Coursera Labs

Includes hands on learning projects.

Learn more about Coursera Labs

Course 1 of 4 in the

Secure Coding Practices Specialization

Intermediate Level

1-2 years of experience with some form of computer programming language like C/C++ or Java.

Approx. 15 hours to complete

English

Could your company benefit from training employees on in-demand skills?

Try Coursera for Business

Flexible deadlines

Reset deadlines in accordance to your schedule.

Shareable Certificate

Earn a Certificate upon completion

100% online

Start instantly and learn at your own schedule.

Coursera Labs

Includes hands on learning projects.

Learn more about Coursera Labs

Course 1 of 4 in the

Secure Coding Practices Specialization

Intermediate Level

1-2 years of experience with some form of computer programming language like C/C++ or Java.

Approx. 15 hours to complete

English

Could your company benefit from training employees on in-demand skills?

Try Coursera for Business

Instructor

Instructor rating

4.17/5 (72 Ratings)

Matthew Bishop, PhD

Professor

Department of Computer Science

18,543 Learners

2 Courses

Offered by

University of California, Davis

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

Syllabus - What you will learn from this course

Week1

Week 1

3 hours to complete

Secure Programming Philosophy

3 hours to complete

10 videos (Total 66 min), 1 reading, 2 quizzes

10 videos

Course Introduction2mModule 1 Introduction1mThe Philosophy of Secure Programming2mDefining Secure Programming4mRobust vs. Secure Programming14mSecurity Policies and Procedures8mSecure Programming General Philosophy10mChecking Design and Implementation9mWhere to Look for Vulnerabilities11mSecure Programming Summary49s

1 reading

A Note From UC Davis10m

2 practice exercises

Module 1 Practice Quiz30mModule 1 Quiz45m

Week2

Week 2

4 hours to complete

Secure Programming Design Principles

4 hours to complete

11 videos (Total 36 min), 1 reading, 2 quizzes

11 videos

Module 2 Introduction1mSecure Programming Design Principles Overview2mPrinciple of Least Privilege3mFail-Safe Defaults3mPrinciple of Economy of Mechanism1mPrinciple of Complete Mediation1mSeparation of Privilege Principle3mPrinciple of Open Design7mPrinciple of Least Common Mechanism4mPrinciple of Least Astonishment6mSecure Programming Design Principles Summary1m

1 reading

Complete Mediation - What Is Going On?10m

2 practice exercises

Module 2 Practice Quiz30mModule 2 Quiz30m

Week3

Week 3

5 hours to complete

Robust Programming

5 hours to complete

9 videos (Total 61 min), 2 readings, 2 quizzes

9 videos

Module 3 Introduction1mRobust Programming Overview43sRobust Programming Basic Principles3mAn Example Of Fragile Code13mError Handling11mCohesion, New Interfaces, and Token Generation13mToken Generation and Interpretation5mCreating and Deleting a Queue5mAdding and Removing Elements to a Queue5m

2 readings

Before You Begin This Module...5mFragile Programs - What Is Going On?10m

2 practice exercises

Module 3 Practice Quiz15mModule 3 Quiz30m

Week4

Week 4

4 hours to complete

Methods for Robustness

4 hours to complete

9 videos (Total 42 min), 1 reading, 2 quizzes

9 videos

Module 4 Introduction1mMethods for Robustness Overview28sMethods Overview: Formal, Informal, and Ad Hoc Methods3mOverview of Formal Methods2mLogin Program Example10mIncorporating Hierarchical Decomposition Methodology9mLogin Program: Authenticating a User11mLogin Program: Preconditions and Postconditions32sCourse Summary1m

1 reading

Robust Programs - What Is Going On?10m

2 practice exercises

Module 4 Practice Quiz15mModule 4 Quiz30m

Reviews

4.4

75 reviews

5 stars
59.69%
4 stars
27.07%
3 stars
8%
2 stars
3.38%
1 star
1.84%

TOP REVIEWS FROM PRINCIPLES OF SECURE CODING

by AKJan 7, 2023

It was good, can be more intuitive like second course in same series

by TAOct 12, 2019

Good introduction, at times the explanations are a bit dry and lengthy. A couple more real world stories would spice things up and make principles more memorable.

by MEMay 21, 2021

It's very good start to understand Software Security

by CCNov 30, 2022

The course is very useful for programmer to understand the importance of security.

View all reviews

About the Secure Coding Practices Specialization

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

Frequently Asked Questions

When will I have access to the lectures and assignments?
Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:
The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.
The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
What will I get if I subscribe to this Specialization?
When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.
Is financial aid available?
Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

More questions? Visit the Learner Help Center.

Build employee skills, drive business results

Discover Coursera for Business

Principles of Secure Coding

About this Course