Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

**Complete mediation** supports the "trust but verify" principle. Many applications use protected resources like databases, file shares, authentication servers, and so on. When software interacts with these types of resources, its design should ensure that this interaction takes place in a circumspect way

## A database with a single open connection

Software shouldn’t open a connection to a database and leave that connection open for the duration of the user’s session. This is like opening the door for a guest, then leaving it open for the rest of the day. While it was opened for a specific purpose, the persisted open connection presents a potential opportunity for attackers to gain access to sensitive data and files.

# Overview

**Complete mediation** supports the "trust but verify" principle. Many applications use protected resources like databases, file shares, authentication servers, and so on. When software interacts with these types of resources, its design should ensure that this interaction takes place in a circumspect way

# A database with a single open connection

Software shouldn’t open a connection to a database and leave that connection open for the duration of the user’s session. This is like opening the door for a guest, then leaving it open for the rest of the day. While it was opened for a specific purpose, the persisted open connection presents a potential opportunity for attackers to gain access to sensitive data and files.

Learn the importance of mediation when providing access to protected resources.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Complete Mediation

Overview

A database with a single open connection