CertNexus Cyber Secure Coder Training (CSC-210)
Over 80% of security breaches exploit software vulnerabilities, yet most teams address security after the code is written, leaving organizations at risk. The Cyber Secure Coder (CSC) course empowers software developers, testers, and architects to build secure, resilient applications by integrating security into every phase of the software development lifecycle.
The CertNexus Cyber Secure Coder (CSC) program guides you through the entire software development lifecycle, emphasizing a security-by-design approach to reduce the risk of security defects, misconfiguration, and vulnerabilities that can undermine your code. Through hands-on labs and real-world scenarios, you’ll learn to eliminate vulnerabilities, find and correct security defects, and design a secure architecture for both new and deployed software. CSC-210 covers secure coding practices, vulnerability assessment, threat modeling, and strategies for maintaining software security long after deployment.
-
This course provides the skills and strategies to create secure software and manage risk at every stage. You will learn to:
- Employ secure software development best practices
- Identify security requirements for your projects
- Eliminate vulnerabilities and misconfigurations in code
- Use a security-by-design approach to architect secure systems
- Protect users and sensitive data with common controls
- Apply testing methods to find and fix security defects
- Maintain deployed software to ensure ongoing security
This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification.
This course presents secure programming concepts that apply to many different types of software development projects. Although this course uses Python®, HTML, and JavaScript® to demonstrate various programming concepts, you do not need to have experience in these languages to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications.
- Security throughout the development process
- Business, compliance, and user requirements
- Identifying factors undermining software security
- Recognizing vulnerabilities and attack patterns
- Gathering vulnerability intelligence
- Addressing software defects and misconfiguration
- Managing risks from third-party code
- Handling human factors and social engineering
- Improving development process security
- Applying secure design principles (OWASP, defense in depth, least privilege)
- Threat modeling and risk assessment
- Identifying and countering specific threats
- Secure coding best practices and checklists
- Avoiding common programming errors (buffer overflows, input validation, etc.)
- Preventing platform, privacy, and web/mobile vulnerabilities
- Access control, authentication, and session management
- Protecting data in transit and at rest (encryption, PKI)
- Secure error handling, logging, and output restrictions
- Preventing SQL injection and securing database access
- Security testing phases and strategies
- Static and dynamic code analysis
- Automated tools for vulnerability detection
- Monitoring and logging applications
- Ongoing patch management and maintenance
- Secure deprovisioning and uninstallation