This course introduces students to the primary best practices of Secure Coding, including Lab Tools, vulnerable web apps OWASP Top 10, SANS Top 25, Active Defenses, and Threat Modeling. It emphasizes the importance of secure coding in reducing risk and vulnerabilities. Topics covered include XSS, Direct Object Reference, Data Exposure, Buffer Overflows, Resource Management, Active Defenses, and Threat Modeling. Understanding these vulnerabilities equips developers to engineer products that effectively prevent them. The course covers Application Security Issues, OWASP Top 10 Attacks, SANS/CWE Top 25 Vulnerabilities, Buffer Overflow Vulnerability, CERT Secure Coding Standards, Active Defenses, Threat Modeling, and utilizes Lab Tools such as SamuraiWTF Virtual Machine, Burp Suite Proxy Tool, and WebGoat.

Temps présentiel : 35 heures

Charge de travail étudiant : 35 heures

Méthode(s) d'évaluation : Examen écrit