Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

An easy way to think about a **host intrusion prevention system (HIPS)** is HIDS but weaponized. Instead of merely detecting malicious activity on a device, HIPS can also prevent that activity. HIPS offers not just detective control but protective control as well.

## False positives

With the additional ability to block actions, HIPS could mistakenly identify benign activities as malicious and take action. These are known as **false positives**. Therefore, we should be confident in our protection software before we allow it to take these actions autonomously.

## A catastrophic example

There are many examples of legitimate changes, such as installing misidentified patches, that resulted in catastrophic events. Take the Windows blue screen of death (BSOD), for example, which quickly spread across enterprises like wildfire. This errant patch had to be quickly rolled back and caused Microsoft some embarrassment for having failed to test the patch more thoroughly. This also provided a valuable lesson. Best intentions aside, any change runs the risk of breaking something.



 

# Overview

An easy way to think about a **host intrusion prevention system (HIPS)** is HIDS but weaponized. Instead of merely detecting malicious activity on a device, HIPS can also prevent that activity. HIPS offers not just detective control but protective control as well.

# False positives

With the additional ability to block actions, HIPS could mistakenly identify benign activities as malicious and take action. These are known as **false positives**. Therefore, we should be confident in our protection software before we allow it to take these actions autonomously.

# A catastrophic example

There are many examples of legitimate changes, such as installing misidentified patches, that resulted in catastrophic events. Take the Windows blue screen of death (BSOD), for example, which quickly spread across enterprises like wildfire. This errant patch had to be quickly rolled back and caused Microsoft some embarrassment for having failed to test the patch more thoroughly. This also provided a valuable lesson. Best intentions aside, any change runs the risk of breaking something.



 

Learn about the host-based intrusion prevention system's (HIPS) role in detecting and potentially preventing security threats in an organization.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Host-based Intrusion Prevention System

Overview

False positives

A catastrophic example