Is this course really 100% online? Do I need to attend any classes in person?

This course is completely online, so there’s no need to show up to a classroom in person. You can access your lectures, readings and assignments anytime and anywhere via the web or your mobile device.

Can I just enroll in a single course?

Yes! To get started, click the course card that interests you and enroll. You can enroll and complete the course to earn a shareable certificate. When you subscribe to a course that is part of a Specialization, you’re automatically subscribed to the full Specialization. Visit your learner dashboard to track your progress.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Can I take the course for free?

No, you cannot take this course for free. When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. If you cannot afford the fee, you can apply for financial aid.

Will I earn university credit for completing the Specialization?

This Specialization doesn't carry university credit, but some universities may choose to accept Specialization Certificates for credit. Check with your institution to learn more.

Secure Coding Practices Specialization

Gain next-level skills with Coursera Plus for $199 (regularly $399). Save now.

Secure Coding Practices Specialization

Instructors: Joubin Jabbari

12,829 already enrolled

Included with

Learn more

4 course series

Get in-depth knowledge of a subject

4.5

(395 reviews)

Intermediate level

Some related experience required

2 months to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

4 course series

Get in-depth knowledge of a subject

4.5

(395 reviews)

Intermediate level

Some related experience required

2 months to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Practice improving the security and robustness of your programs.
Create threat models and apply basic cryptography.
Evaluate and remediate fragile C++ library code.
Exploit common types of injection problems and fix the root causes.

Details to know

Shareable certificate

Add to your LinkedIn profile

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Advance your subject-matter expertise

Learn in-demand skills from university and industry experts
Master a subject or tool with hands-on projects
Develop a deep understanding of key concepts
Earn a career certificate from University of California, Davis

Specialization - 4 course series

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.Through four courses, you will cover the principles of secure coding, concepts of threat modeling and cryptography and exploit vulnerabilities in both C/C++ and Java languages, which will prepare you to think like a hacker and protect your organizations information. The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

Applied Learning Project

The courses provide ample practice activities including exploiting WebGoat, an OWASP project designed to teach penetration testing.

This Specialization is intended for software developers of any level who are not yet fluent with secure coding and programming techniques.

Principles of Secure Coding

Course 115 hours

What you'll learn

This course introduces you to the principles of secure programming. It begins by discussing the philosophy and principles of secure programming, and then presenting robust programming and the relationship between it and secure programming. We'll go through a detailed example of writing robust code and we'll see many common programming problems and show their connection to writing robust, secure programs in general. We’ll examine eight design principles that govern secure coding and how to apply them to your own work. We’ll discuss how poor design choices drive implementation in coding. We’ll differentiate between informal, formal, and ad hoc coding methods. Throughout, methods for improving the security and robustness of your programs will be emphasized and you will have an opportunity to practice these concepts through various lab activities. A knowledge of the C programming language is helpful, but not required to participate in the lab exercises.

Skills you'll gain

Category: Secure Coding

Category: Programming Principles

Category: Software Development Methodologies

Category: C (Programming Language)

Category: Software Design

Category: Vulnerability Assessments

Category: Debugging

Category: Program Development

Identifying Security Vulnerabilities

Course 213 hours

What you'll learn

This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection.

We'll also cover application authentication and session management where authentication is a major component of a secure web application and session management is the other side of the same coin, since the authenticated state of user requests need to be properly handled and run as one session. We'll learn about sensitive data exposure issues and how you can help protect your customer's data. We'll cover how to effectively store password-related information, and not to store the actual plaintext passwords. We'll participate in coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Along the way, we’ll discuss ways of watching out for and mitigating these issues and be able have some fun and exploit two different vulnerabilities in a web application that was designed to be vulnerable, called WebGoat.

Skills you'll gain

Category: Encryption

Category: Application Security

Category: Authentications

Category: Secure Coding

Category: Open Web Application Security Project (OWASP)

Category: Data Security

Category: Cryptography

Category: Personally Identifiable Information

Category: Threat Modeling

Category: Exploitation techniques

Category: Vulnerability Management

Category: Vulnerability Assessments

Category: Security Controls

Identifying Security Vulnerabilities in C/C++Programming

Course 322 hours

What you'll learn

Apply “what to watch out for” and “where to look” to evaluate fragility of C++ library code.
Given a fragile C++ library, code a robust version.
Identify problems w/ privilege, trusted environments, input validation, files & sub-processes, resource mngmt, asynchronicity, & randomness in C/C++.
Remediate examples of problems that apply to C/C++ interactions with the programming environment.

Skills you'll gain

Category: Secure Coding

Category: OS Process Management

Category: Cryptography

Category: Application Security

Category: Linux

Category: Data Validation

Category: File Management

Category: C (Programming Language)

Category: Verification And Validation

Category: Debugging

Category: Code Review

Category: User Accounts

Category: Vulnerability Assessments

Exploiting and Securing Vulnerabilities in Java Applications

Course 423 hours

What you'll learn

Practice protecting against various kinds of cross-site scripting (XSS) attacks.
Form plans to mitigate injection vulnerabilities in your web application.
Create strategies and controls to provide secure authentication.
Examine code to find and patch vulnerable components.

Skills you'll gain

Category: Application Security

Category: Open Web Application Security Project (OWASP)

Category: Secure Coding

Category: Git (Version Control System)

Category: Docker (Software)

Category: JSON

Category: Authentications

Category: Vulnerability Assessments

Category: Dependency Analysis

Category: Authorization (Computing)

Category: Penetration Testing

Category: Exploit development

Category: Code Review

Category: Vulnerability Management

Category: Java Programming

Category: Java

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructors

Joubin Jabbari

University of California, Davis

1 Course8,513 learners

Offered by

University of California, Davis

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Frequently asked questions

It is intended to be able to complete in 4-5 months, but you may want to give yourself more time to work through the many activities outlined in the various courses.

Familiar with the Software Development Lifecycle.
Fluent in one or more coding languages (including web front-end development languages.)
For Java course, Fluent in Java.
For C/C++ course, Fluent in C/C++.

We recommend you begin with Principles of Secure Coding and then move to Identifying Security Vulnerabilities. The other two courses can be taken in either order.

Secure Coding Practices Specialization

What you'll learn

Skills you'll gain

Details to know

See how employees at top companies are mastering in-demand skills

Advance your subject-matter expertise