As technology becomes increasingly ubiquitous in our daily lives, the need for secure applications becomes ever more important. This course is an introduction to application security for developers, covering a range of topics from common attacks and defences to secure coding principles and specific security controls.

This module introduces learners to the defensive side of Application Security. In this course, you’ll learn the basics of web application architecture and the threat landscape. You’ll explore common attacks, such as those on the OWASP Top 10 list, and discover defence mechanisms for mitigating these threats.

The principles and practices of secure coding will be highlighted, including the principle of least privilege and the importance of security testing during development. We’ll also look at specific security controls, such as authentication, session management, authorization, input validation and output coding, error handling and logging, file system access, cryptography and defensive browser functions. A Review of secdevops principles will also be covered.

By the end of the course, you will have a fundamental understanding of application security and best practices for ensuring that the applications you develop are secure. This course assumes a basic understanding of web development principles and programming concepts, with prior experience in a programming language recommended.

• Application security overview
• Common attacks and defences
• Secure coding principles
• Safety checks
• Authentication
• Session management
• Authorization
• Input validation and output coding
• Error handling and logging
• File system access
• Cryptography
• Defensive browser functions
• Secure DevOps

• Understand application security
• Know of common attacks and defences
• Implement secure coding practices
• Apply best practices for ensuring application security

This is a theoretical course.