- Platform
- Coursera
- Provider
- University of Maryland, College Park
- Effort
- 3-5 hours/week
- Length
- 6 weeks
- Language
- English
- Credentials
- Paid Certificate Available
- Part of
- Course Link
Overview
This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. Successful learners in this course typically have completed sophomore/junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++ and one other "managed" program language (like ML or Java), and have prior exposure to algorithms. Students not familiar with these languages but with others can improve their skills through online web tutorials.
Taught by
Michael Hicks
This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. Successful learners in this course typically have completed sophomore/junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++ and one other "managed" program language (like ML or Java), and have prior exposure to algorithms. Students not familiar with these languages but with others can improve their skills through online web tutorials.
Syllabus
OVERVIEW
Overview and expectations of the course
LOW-LEVEL SECURITY
Low-level security: Attacks and exploits
DEFENDING AGAINST LOW-LEVEL EXPLOITS
Defending against low-level exploits
WEB SECURITY
Web security: Attacks and defenses
SECURE SOFTWARE DEVELOPMENT
Designing and Building Secure Software
PROGRAM ANALYSIS
Static Program Analysis
PEN TESTING
Penetration and Fuzz Testing
OVERVIEW
Overview and expectations of the course
LOW-LEVEL SECURITY
Low-level security: Attacks and exploits
DEFENDING AGAINST LOW-LEVEL EXPLOITS
Defending against low-level exploits
WEB SECURITY
Web security: Attacks and defenses
SECURE SOFTWARE DEVELOPMENT
Designing and Building Secure Software
PROGRAM ANALYSIS
Static Program Analysis
PEN TESTING
Penetration and Fuzz Testing
Taught by
Michael Hicks