IBM
Application Security for Developers and DevOps Professionals
IBM

Application Security for Developers and DevOps Professionals

John Rofrano

Instructor: John Rofrano

Top Instructor

Access provided by Financial Conduct Authority

24,810 already enrolled

Gain insight into a topic and learn the fundamentals.
4.7

(235 reviews)

Intermediate level

Recommended experience

Flexible schedule
2 weeks at 10 hours a week
Learn at your own pace
97%
Most learners liked this course
Gain insight into a topic and learn the fundamentals.
4.7

(235 reviews)

Intermediate level

Recommended experience

Flexible schedule
2 weeks at 10 hours a week
Learn at your own pace
97%
Most learners liked this course

What you'll learn

  • Explain security by design, learn to develop applications using security by design principles; perform defensive coding following OWASP principles.

  • Describe IBM cloud container vulnerability; perform vulnerability scanning and pen testing with Kali Linux.

  • Describe what to look for in app performance; perform troubleshooting using logging, stack trace, and log analytics.

  • Discuss concepts like Golden Signals; list tools for monitoring and troubleshooting; and test monitoring in action with Prometheus and Grafana.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

14 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

 logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is available as part of
When you enroll in this course, you'll also be asked to select a specific program.
  • Learn new concepts from industry experts
  • Gain a foundational understanding of a subject or tool
  • Develop job-relevant skills with hands-on projects
  • Earn a shareable career certificate from IBM

There are 4 modules in this course

In this module, you will identify how security fits into your workflow and gain a working knowledge of security concepts and terminology. You’ll discover how to design for security in the Software Development Lifecycle (SDLC) and find out about a set of practices known as DevSecOps. You will also discover the OSI model, identify the necessary OSI layers for developers, and implement security measures on the four layers of application development. You will gain insights into security patterns and learn how to organize them. You will describe TLS (Transport Layer Security) and SSL (Secure Sockets Layer), identify how to keep TLS secure in the SDLC, and explore OpenSSL and its purpose. You will learn the strategies, best practices, and methodologies for getting security early into your code to protect applications against threats and vulnerabilities. Further, you’ll find out how you can use tools like vulnerability scanners and threat models to mitigate security vulnerabilities. You’ll also get the opportunity to add key terms like authentication, encryption, and integrity to your security vocabulary. Finally, you will also perform hands-on labs to encrypt and decrypt files using OpenSSL and scan a network environment with Nmap.

What's included

11 videos4 readings4 assignments2 app items2 plugins

In this module, you will learn the key mitigation strategies to secure your application throughout development and production. You will also discover a range of security testing methods like static analysis, dynamic analysis, vulnerability analysis, software component analysis, and continuous security analysis. You will explore ways to perform code review and ensure runtime protection for application development. You will also perform hands-on labs based on static analysis, dynamic analysis, vulnerability scanning, and vulnerability detection.

What's included

9 videos2 readings3 assignments4 app items3 plugins

In this module, you will learn about the Open Web Application Security Project (OWASP) and its Top 10 security concerns. You’ll learn about application vulnerabilities and discover the top vulnerabilities concerning security experts and professionals. You will explore SQL injection, cross-site scripting, and storing secrets securely. You will also investigate software and data integrity failures, discover how to detect these types of vulnerabilities, and examine ways to mitigate their impact. You will also perform hands-on labs to analyze your code repository using Snyk and use the Vault Python API (hvac) to read, write, and delete key-value secrets in Vault.

What's included

10 videos3 readings3 assignments3 app items4 plugins

In this module, you will learn about coding best practices and software dependencies. You’ll also explore how to secure a development environment by deciding what to store in a centralized repository and what not to store in GitHub. You will also perform hands-on labs to create HTTP security headers using flask-talisman and safely store and retrieve secrets using the pass CLI (command-line-interface). As your final project, you will check your code on GitHub for vulnerabilities in order of severity and fix the vulnerabilities. You’ll apply the best practices for reducing the risk of vulnerability.

What's included

3 videos3 readings4 assignments2 app items6 plugins

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructor

Instructor ratings
4.7 (52 ratings)
John Rofrano

Top Instructor

IBM
8 Courses310,881 learners

Offered by

IBM

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Learner reviews

4.7

235 reviews

  • 5 stars

    79.23%

  • 4 stars

    14.83%

  • 3 stars

    2.54%

  • 2 stars

    0.42%

  • 1 star

    2.96%

Showing 3 of 235

NK
5

Reviewed on Oct 27, 2022

EJ
5

Reviewed on May 30, 2024

DH
5

Reviewed on Oct 7, 2022

Explore more from Computer Science