Informações sobre o curso
4.6
702 classificações
168 avaliações
This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. Successful learners in this course typically have completed sophomore/junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++ and one other "managed" program language (like ML or Java), and have prior exposure to algorithms. Students not familiar with these languages but with others can improve their skills through online web tutorials....
Globe

cursos 100% online

Comece imediatamente e aprenda em seu próprio cronograma.
Calendar

Prazos flexíveis

Redefinir os prazos de acordo com sua programação.
Clock

Approx. 22 hours to complete

Sugerido: 6 weeks of study, 3-5 hours/week...
Comment Dots

English

Legendas: English, Korean...

Habilidades que você terá

Fuzz TestingBuffer OverflowSql InjectionPenetration Test
Globe

cursos 100% online

Comece imediatamente e aprenda em seu próprio cronograma.
Calendar

Prazos flexíveis

Redefinir os prazos de acordo com sua programação.
Clock

Approx. 22 hours to complete

Sugerido: 6 weeks of study, 3-5 hours/week...
Comment Dots

English

Legendas: English, Korean...

Programa - O que você aprenderá com este curso

Week
1
Clock
2 horas para concluir

OVERVIEW

Overview and expectations of the course...
Reading
3 vídeos (Total de 26 min), 4 leituras, 1 teste
Video3 videos
What is software security?7min
Tour of the course and expected background11min
Reading4 leituras
Introductory Reading10min
Syllabus10min
FAQ and Errata10min
Glossary10min
Quiz1 exercício prático
Qualifying Quiz30min
Clock
2 horas para concluir

LOW-LEVEL SECURITY

Low-level security: Attacks and exploits ...
Reading
6 vídeos (Total de 50 min), 2 leituras, 2 testes
Video6 videos
Memory Layout11min
Buffer Overflow6min
Code Injection6min
Other Memory Exploits11min
Format String Vulnerabilities6min
Reading2 leituras
Week 1 Reading10min
Project 110min
Quiz2 exercícios práticos
Week 1 quiz30min
VM BOF quiz24min
Week
2
Clock
2 horas para concluir

DEFENDING AGAINST LOW-LEVEL EXPLOITS

Defending against low-level exploits...
Reading
7 vídeos (Total de 79 min), 1 leitura, 1 teste
Video7 videos
Memory Safety16min
Type Safety4min
Avoiding Exploitation9min
Return Oriented Programming - ROP11min
Control Flow Integrity14min
Secure Coding18min
Reading1 leituras
Week 2 Reading10min
Quiz1 exercício prático
Week 2 quiz30min
Week
3
Clock
3 horas para concluir

WEB SECURITY

Web security: Attacks and defenses...
Reading
10 vídeos (Total de 101 min), 2 leituras, 2 testes
Video10 videos
Web Basics10min
SQL Injection10min
SQL Injection Countermeasures9min
Web-based State Using Hidden Fields and Cookies13min
Session Hijacking6min
Cross-site Request Forgery - CSRF6min
Web 2.05min
Cross-site Scripting13min
Interview with Kevin Haley21min
Reading2 leituras
Week 3 Reading10min
Project 210min
Quiz2 exercícios práticos
BadStore quiz18min
Week 3 quiz32min
Week
4
Clock
3 horas para concluir

SECURE SOFTWARE DEVELOPMENT

Designing and Building Secure Software...
Reading
10 vídeos (Total de 130 min), 1 leitura, 1 teste
Video10 videos
Threat Modeling, or Architectural Risk Analysis9min
Security Requirements13min
Avoiding Flaws with Principles8min
Design Category: Favor Simplicity10min
Design Category: Trust With Reluctance12min
Design Category: Defense in Depth, Monitoring/Traceability5min
Top Design Flaws9min
Case Study: Very Secure FTP daemon12min
Interview with Gary McGraw40min
Reading1 leituras
Week 4 Reading10min
Quiz1 exercício prático
Week 4 quiz32min
4.6
Direction Signs

25%

comecei uma nova carreira após concluir estes cursos
Briefcase

83%

consegui um benefício significativo de carreira com este curso
Money

18%

recebi um aumento ou promoção

Melhores avaliações

por PRNov 20th 2016

Content is really valuable and actionable with a specific comeback for the student in terms of secure development, security and how to understand the origin of exploits and other cyber attacks

por DTMay 9th 2016

The course of this kind was extremely needed, still in it's current state it contains lots of inaccuracies in lectures and quizes. I hope they will be fixed up to the future sessions.

Instrutores

Michael Hicks

Professor
Department of Computer Science

Sobre University of Maryland, College Park

The University of Maryland is the state's flagship university and one of the nation's preeminent public research universities. A global leader in research, entrepreneurship and innovation, the university is home to more than 37,000 students, 9,000 faculty and staff, and 250 academic programs. Its faculty includes three Nobel laureates, three Pulitzer Prize winners, 47 members of the national academies and scores of Fulbright scholars. The institution has a $1.8 billion operating budget, secures $500 million annually in external research funding and recently completed a $1 billion fundraising campaign. ...

Sobre o Programa de cursos integrados Cybersecurity

The Cybersecurity Specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. These concepts are illustrated with examples drawn from modern practice, and augmented with hands-on exercises involving relevant tools and techniques. Successful participants will develop a way of thinking that is security-oriented, better understanding how to think about adversaries and how to build systems that defend against them....
Cybersecurity

Perguntas Frequentes – FAQ

  • Once you enroll for a Certificate, you’ll have access to all videos, quizzes, and programming assignments (if applicable). Peer review assignments can only be submitted and reviewed once your session has begun. If you choose to explore the course without purchasing, you may not be able to access certain assignments.

  • When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.

Mais dúvidas? Visite o Central de Ajuda ao Aprendiz.