When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I purchase the Certificate?

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Cyber Secure Software Developer (CSSD) (Exam CSD-110)

Ends today! Save on skills that make you shine with 40% off 3 months of Coursera Plus. Save now

Cyber Secure Software Developer (CSSD) (Exam CSD-110)

Instructor: Bill Rosenthal

Included with

Learn more

9 modules

Gain insight into a topic and learn the fundamentals.

4 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

9 modules

Gain insight into a topic and learn the fundamentals.

4 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

In this course, you will employ best practices to develop secure software.

Skills you'll gain

Tools you'll learn

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 9 modules in this course

The stakes for software security are high, and yet many development teams overlook it until it's too late—if they address it at all. To ensure successful implementation, it is crucial for developers to manage security and privacy issues throughout the entire software development lifecycle, rather than addressing them only after coding or during delivery preparation.

This course presents an approach for dealing with security throughout all phases of the software development lifecycle. You will identify the fundamentals of security, including the vulnerabilities and attacks that compromise it. You will also employ general strategies for addressing security risks to your software projects, as well as specific tactics for identifying and remediating those risks. Ultimately, you will acquire the skills it takes to secure all facets of a software project, beyond just the code itself. This course is designed for any business professional involved in the software development process who desires or is required to develop highly secure software for organizational use. Candidates may be programmers, testers, architects, or any other personnel whose daily job duties involve directly building software; or, they may be project leaders, software engineers, and DevOps personnel who perform additional technical and non-technical duties as part of the overall software development lifecycle. This course is also designed to assist candidates in preparing for the CertNexus Cyber Secure Software Developer™ (CSSD) Exam CSD-110 certification. In this course, you will: identify fundamental security concerns in software development, leverage the secure software development lifecycle (SSDLC), define secure software requirements, design software for security, implement security protections in software, test software security, maintain security in deployed software, and prepare to defend against cyber attacks. This course requires that you use the provided virtual machine, which includes various security tools and application environments. The course setup instructions provided in the first module of the course go into more detail about the hardware and software requirements.

Module details

As a software developer, your job can be complex and demanding. You must satisfy customers, meet business requirements and deadlines, and work cooperatively with other people on a project—all while handling the complex technical challenges of rapidly evolving development tools, programming languages, frameworks, and application programming interfaces (APIs). The complex interactions among all of the components involved in a project can be difficult to manage at times.

What's included

36 plugins

36 pluginsTotal 371 minutes

Data Files and Setup for This Course20 minutes
About This Course3 minutes
Lesson Introduction1 minute
Topic A: Identify the Need for Software Security1 minute
1A-1: Reading13 minutes
1A-2: Activity15 minutes
Topic B: Identify Factors That Undermine Software Security1 minute
1B-1: Reading10 minutes
1B-2: Activity10 minutes
Topic C: Identify Fundamental Principles of Cybersecurity1 minute
1C-1: Reading25 minutes
1C-2: Activity30 minutes
Topic D: Identify Common Vulnerabilities in Software1 minute
1D-1: Reading10 minutes
1D-2: Activity5 minutes
1D-3: Reading10 minutes
1D-4: Activity5 minutes
1D-5: Reading5 minutes
1D-6: Activity20 minutes
1D-7: Reading15 minutes
1D-8: Activity10 minutes
1D-9: Reading2 minutes
1D-10: Activity20 minutes
Topic E: Identify Common Attacks and Exploits Against Software1 minute
1E-1: Reading20 minutes
1E-2: Activity5 minutes
1E-3: Reading13 minutes
1E-4: Activity5 minutes
1E-5: Reading8 minutes
1E-6: Activity5 minutes
1E-7: Reading15 minutes
1E-8: Activity30 minutes
1E-9: Activity15 minutes
1E-10: Activity10 minutes
1E-11: Activity10 minutes
Lesson Summary1 minute

Software security is not a set of individual tasks isolated from other organizational concerns. Instead, it is a repeatable process with several stages, much in the same way that software development itself follows a lifecycle. In this lesson, you'll follow and apply the stages of this lifecycle with a focus on security, ensuring your software projects are protected at a high level.

What's included

33 plugins

33 pluginsTotal 291 minutes

Lesson Introduction1 minute
Topic A: Apply the Builder/Breaker Approach1 minute
2A-1: Reading20 minutes
2A-2: Guidelines2 minutes
2A-3: Activity5 minutes
Topic B: Incorporate SSDLC Practices and Methodologies1 minute
2B-1: Reading13 minutes
2B-2: Activity5 minutes
2B-3: Reading15 minutes
2B-4: Activity5 minutes
2B-5: Reading20 minutes
2B-6: Guidelines5 minutes
2B-7: Activity10 minutes
Topic C: Apply SSDLC Practices in the Use of AI1 minute
2C-1: Reading25 minutes
2C-2: Activity5 minutes
2C-3: Reading13 minutes
2C-4: Activity5 minutes
2C-5: Reading20 minutes
2C-6: Guidelines3 minutes
2C-7: Activity15 minutes
Topic D: Incorporate Governance, Risk Management, and Compliance (GRC) in the SSDLC1 minute
2D-1: Reading15 minutes
2D-2: Guidelines2 minutes
2D-3: Activity10 minutes
Topic E: Identify Key Roles in the SSDLC1 minute
2E-1: Reading20 minutes
2E-2: Activity15 minutes
Topic F: Foster a Security-First Organizational Culture1 minute
2F-1: Reading20 minutes
2F-2: Guidelines5 minutes
2F-3: Activity10 minutes
Lesson Summary1 minute

You've implemented different processes in the secure software development lifecycle (SSDLC), now it's time to go into depth for each phase of the lifecycle. As you know, the first phase is requirements definition and analysis. In this lesson, you'll explore some of the major sources of requirements and how best to define those requirements so that they meet your security needs.

What's included

14 plugins

14 pluginsTotal 89 minutes

Lesson Introduction1 minute
Topic A: Define Compliance Requirements1 minute
3A-1: Reading7 minutes
3A-2: Activity5 minutes
3A-3: Reading30 minutes
3A-4: Activity5 minutes
3A-5: Reading8 minutes
3A-6: Guidelines2 minutes
3A-7: Activity5 minutes
Topic B: Define Security Requirements1 minute
3B-1: Reading2 minutes
3B-2: Guidelines6 minutes
3B-3: Activity15 minutes
Lesson Summary1 minute

The process you use to design your software should reflect what is important to you, your customers, and other project stakeholders. Following this rationale, if software security is important to you, it should be an important part of your design processes. In this lesson, you'll move on to the second phase of the secure software development lifecycle (SSDLC) to incorporate security into the design of software.

What's included

18 plugins

18 pluginsTotal 227 minutes

Lesson Introduction1 minute
Topic A: Apply General Principles for Secure Design1 minute
4A-1: Reading35 minutes
4A-2: Guidelines2 minutes
4A-3: Activity20 minutes
Topic B: Define the Security Architecture1 minute
4B-1: Reading25 minutes
4B-2: Activity10 minutes
4B-3: Reading35 minutes
4B-4: Guidelines2 minutes
4B-5: Activity5 minutes
Topic C: Conduct Threat Modeling1 minute
4C-1: Reading40 minutes
4C-2: Activity10 minutes
4C-3: Reading25 minutes
4C-4: Guidelines3 minutes
4C-5: Activity10 minutes
Lesson Summary1 minute

You've outlined security requirements and designed your software around security. The next phase of the secure software development lifecycle (SSDLC) is development, where you actually implement security protections through code. And, as part of a DevOps approach, you'll also implement protections that support your code and your software's runtime environments.

What's included

36 plugins

36 pluginsTotal 479 minutes

Lesson Introduction1 minute
Topic A: Implement Cryptography1 minute
5A-1: Reading30 minutes
5A-2: Activity30 minutes
5A-3: Activity10 minutes
5A-4: Reading20 minutes
5A-5: Activity8 minutes
5A-6: Reading18 minutes
5A-7: Guidelines5 minutes
5A-8: Activity15 minutes
5A-9: Activity15 minutes
5A-10: Activity25 minutes
5A-11: Activity20 minutes
Topic B: Implement Application Security Parameters and Configurations1 minute
5B-1: Reading25 minutes
5B-2: Guidelines3 minutes
5B-3: Activity20 minutes
5B-4: Activity15 minutes
Topic C: Implement Access Control1 minute
5C-1: Reading18 minutes
5C-2: Activity7 minutes
5C-3: Reading20 minutes
5C-4: Guidelines13 minutes
5C-5: Activity15 minutes
5C-6: Activity20 minutes
Topic D: Protect Database Access1 minute
5D-1: Reading30 minutes
5D-2: Guidelines3 minutes
5D-3: Activity15 minutes
5D-4: Activity20 minutes
Topic E: Implement Error Handling and Logging1 minute
5E-1: Reading10 minutes
5E-2: Guidelines7 minutes
5E-3: Activity15 minutes
5E-4: Activity20 minutes
Lesson Summary1 minute

As you design and implement software throughout the entire software development lifecycle, you need to test it to ensure it will lead to a high-quality finished product that is secure and protects both users and the organization. There are various approaches to testing, several of which you'll employ in this lesson.

What's included

18 plugins

18 pluginsTotal 184 minutes

Lesson Introduction1 minute
Topic A: Perform Security Tests1 minute
6A-1: Reading40 minutes
6A-2: Guidelines3 minutes
6A-3: Activity35 minutes
6A-4: Activity20 minutes
Topic B: Analyze Software to Identify Security Issues1 minute
6B-1: Reading3 minutes
6B-2: Guidelines2 minutes
6B-3: Reading3 minutes
6B-4: Guidelines2 minutes
6B-5: Reading10 minutes
6B-6: Guidelines2 minutes
6B-7: Reading3 minutes
6B-8: Guidelines2 minutes
6B-9: Activity15 minutes
6B-10: Activity40 minutes
Lesson Summary1 minute

You've designed, developed, and tested your software. Now you must make sure it remains secure when deployed to production. And, you must ensure that security extends over time, performing fixes as needed. In this lesson, you'll engage with the final two phases of the secure software development lifecycle (SSDLC).

What's included

36 plugins

36 pluginsTotal 284 minutes

Lesson Introduction1 minute
Topic A: Implement Secure Deployment Processes1 minute
7A-1: Reading6 minutes
7A-2: Guidelines3 minutes
7A-3: Reading3 minutes
7A-4: Guidelines2 minutes
7A-5: Reading3 minutes
7A-6: Guidelines2 minutes
7A-7: Reading7 minutes
7A-8: Activity30 minutes
7A-9: Activity20 minutes
Topic B: Ensure Device Security1 minute
7B-1: Reading18 minutes
7B-2: Guidelines2 minutes
7B-3: Activity8 minutes
Topic C: Monitor Deployed Software1 minute
7C-1: Reading15 minutes
7C-2: Guidelines2 minutes
7C-3: Activity20 minutes
7C-4: Activity25 minutes
Topic D: Maintain Security After Deployment1 minute
7D-1: Reading8 minutes
7D-2: Guidelines3 minutes
7D-3: Reading3 minutes
7D-4: Guidelines2 minutes
7D-5: Reading3 minutes
7D-6: Guidelines2 minutes
7D-7: Activity30 minutes
7D-8: Activity25 minutes
Topic E: Decommission Legacy Assets1 minute
7E-1: Reading10 minutes
7E-2: Guidelines3 minutes
7E-3: Reading6 minutes
7E-4: Guidelines3 minutes
7E-5: Activity13 minutes
Lesson Summary1 minute

As a software developer, you may not think of yourself as being on the frontlines of cybersecurity within an organization. After all, there are security practitioners whose job it is to be vigilant against active attacks. Even though you may not implement cybersecurity defenses yourself, you must still be aware of them and why they're necessary to ensure the security of the entire organization—software included. This is crucial in supporting a truly effective DevSecOps approach.