Learn about the need to shift your mindset from a builder to a breaker in order to better understand potential attack scenarios and your risks.
- As developers, our general strength lies…in building systems.…A huge part of the problem in secure coding…is that we are builders.…So we need to change our mindset a little…in order to truly be effective as a secure coder.…Developers interested in proving their security footprint…need to develop the skill of breaking code.…Now I'm not going to argue…that you should be an expert penetration tester,…but there is real value in learning the basics…of attacking systems.…
Now some developers may want to go deep…and learn how to write exploit attacks.…And while this can be an amazing skill,…it's over the top of what you really need to do…in my opinion.…The fact is that there are several really great tools…on the market that allow you to attack your code…without a lot of extended learning.…The value of using these tools is that you can start looking…at actual exploits in your code.…
By breaking your code,…you can gain many valuable insights into your application.…You will see how data is accessed and used.…You will see how logging output is generated…
AuthorFrank P Moley III
- Understanding attackers and risks
- Documenting your risks
- Issues related to web client–server interactions
- Issues related to thick app and client–server interactions
- Authorization and cryptography issues
- Implementing security in each phase of the software development life cycle
Skill Level Beginner
Web Security: OAuth and OpenID Connectwith Keith Casey1h 26m Intermediate
Programming Foundations: Design Patternswith Elisabeth Robson2h 19m Intermediate
What you need to know1m 35s
1. Security and Risk Overview
2. Web Client Server Interaction Code Issues
3. Thick App and Client-Server Interaction Issues
4. Crypto and Security Misuse Issues
5. Security in the SDLC
Next steps2m 10s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.