Training > Open Source Best Practice > Secure Software Development: Implementation (LFD105x)
Training Course

Secure Software Development: Implementation (LFD105x)

Learn the security basics to develop software that is hardened against attacks, and understand how you can reduce the damage and speed the response when a vulnerability is exploited. This course covers the practical steps software developers can take, even if they have limited resources, to implement secure software.

Who Is It For

Geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software, this course focuses on practical steps that can be taken, even with limited resources, to improve information security.
read less read more
What You’ll Learn

This course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It focuses on practical steps that you (as a developer) can take to counter the most common kinds of attacks.
read less read more
What It Prepares You For

This secure software development training course will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.
read less read more
Course Outline
Chapter 1. Input Validation
Chapter 2. Processing Data Securely
Chapter 3. Calling Other Programs
Chapter 4. Sending Output
Final Exam (Verified Certificate track only)

We presume that the student already knows how to develop software to some degree.
Jan 2022
I found the web security material useful, and would recommend it to developers working in that space as a baseline knowledge.
Sep 2021
Content was to the point, but still accessible.
Jul 2021
Good level of detail on remediation of vulnerabilities without becoming language or framework-specific.
Jul 2021
It gave a feeling about the complexity of web technologies, and the corresponding security vulnerabilities.
Jul 2021
Overall, I felt that the writing of the course content was succinct and practical. I felt that the course developers had real-world applications and challenges in mind, and I liked that most about the course.
Jul 2021
I love how the web-based vulnerabilities were explained. As an old-salt embedded real time developer, I was able to understand 90% of them.