Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

It should be assumed that data collected from an incident will be requested at a later date by law enforcement to support a legal investigation. The data collected from the incident may need to be used as evidence that something did or didn’t occur or that an entity is or isn’t liable for a criminal or damaging act.


## Properties of admissible data

For data to be admissible as evidence, it has to be credible. The integrity of the data needs to stand up to scrutiny. There should be no doubt about whether the data has been tampered with since its creation. Any reasonable doubt, such as if the data owner can’t prove that integrity was maintained throughout the chain of custody, could make the data inadmissible.


Therefore, a data-handling process should be defined and followed. Documentation surrounding any data movement from when the data was created should be used. The handling of the documentation also needs to follow a strict process to ensure its unquestionable integrity.


# Overview

It should be assumed that data collected from an incident will be requested at a later date by law enforcement to support a legal investigation. The data collected from the incident may need to be used as evidence that something did or didn’t occur or that an entity is or isn’t liable for a criminal or damaging act.


# Properties of admissible data

For data to be admissible as evidence, it has to be credible. The integrity of the data needs to stand up to scrutiny. There should be no doubt about whether the data has been tampered with since its creation. Any reasonable doubt, such as if the data owner can’t prove that integrity was maintained throughout the chain of custody, could make the data inadmissible.


Therefore, a data-handling process should be defined and followed. Documentation surrounding any data movement from when the data was created should be used. The handling of the documentation also needs to follow a strict process to ensure its unquestionable integrity.


Learn about the data properties required to be admissible as evidence of a security incident and some techniques required to collect it.


Data Preservation

Learn about the data properties required to be admissible as evidence of a security incident and some techniques required to collect it.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Data Preservation

Overview

Properties of admissible data