Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

A **file integrity checker (FIC)** monitors specific files on a device for unauthorized changes. Critical system files, whose alteration could result in system compromise, are a good place to start. However, files change all the time on a device. The key is to determine which files are worth monitoring from a security standpoint and to make the FIC aware when authorized changes will take place to prevent false positives from being triggered.

## Identification of differences in system files

Ideally, our organization should have a base image of all operating systems used on the production network. This helps identify what the system files should look like. Any difference between the base image version of a file and what’s on a device should be investigated to rule out malicious activity. The FIC can make these comparisons.

## How it works

An FIC runs on a device and takes daily fingerprints of the monitored files. This fingerprint is often in the form of a checksum, otherwise known as a hash value. Any change in a file will result in a completely different hash value compared to the file’s fingerprint before the change.


# Overview

A **file integrity checker (FIC)** monitors specific files on a device for unauthorized changes. Critical system files, whose alteration could result in system compromise, are a good place to start. However, files change all the time on a device. The key is to determine which files are worth monitoring from a security standpoint and to make the FIC aware when authorized changes will take place to prevent false positives from being triggered.

# Identification of differences in system files

Ideally, our organization should have a base image of all operating systems used on the production network. This helps identify what the system files should look like. Any difference between the base image version of a file and what’s on a device should be investigated to rule out malicious activity. The FIC can make these comparisons.

# How it works

An FIC runs on a device and takes daily fingerprints of the monitored files. This fingerprint is often in the form of a checksum, otherwise known as a hash value. Any change in a file will result in a completely different hash value compared to the file’s fingerprint before the change.


Learn how a file integrity checker (FIC) identifies changes made to files. 

File Integrity Checker (FIC)

Learn how a file integrity checker (FIC) identifies changes made to files.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

File Integrity Checker

Overview

Identification of differences in system files

How it works