Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

This chapter provided us with a good overview of building the capability to detect and protect against different types of attacks.

## Mitigation

**Mitigation** involves using a combination of detective and protection controls placed at strategic locations throughout the network and the internet-facing perimeter.


## Keep an inventory of assets

Creating a comprehensive inventory of all the assets on the network helps ensure that vulnerability scans are thorough, and that the security team can quickly get detailed information about any asset that requires investigation or removal from the network.


## Cyber intelligence

Cyber intelligence can provide information about attackers and the attacks they launch, though it can have varying quality and a limited shelf life.


## Maturity levels of the items covered

The maturity level assigned to each item represents the level of maturity an organization’s security team (SOC) should be at to implement the respective security control effectively. It’s recommended to pursue these security controls according to what’s appropriate for the organization and in the order of their maturity levels. The order of the items for each level doesn’t represent their importance or the order in which they should be pursued.


### Level 1

- Alerts

- Reporting

### Level 2

- SIEM


- Data loss prevention


- Vulnerability scanning

- Cyber intelligence


### Level 3

- DNS query monitoring

- Anonymizer network monitoring


- Honeypots


___







# Overview

This chapter provided us with a good overview of building the capability to detect and protect against different types of attacks.

# Mitigation

**Mitigation** involves using a combination of detective and protection controls placed at strategic locations throughout the network and the internet-facing perimeter.


# Keep an inventory of assets

Creating a comprehensive inventory of all the assets on the network helps ensure that vulnerability scans are thorough, and that the security team can quickly get detailed information about any asset that requires investigation or removal from the network.


# Cyber intelligence

Cyber intelligence can provide information about attackers and the attacks they launch, though it can have varying quality and a limited shelf life.


# Maturity levels of the items covered

The maturity level assigned to each item represents the level of maturity an organization’s security team (SOC) should be at to implement the respective security control effectively. It’s recommended to pursue these security controls according to what’s appropriate for the organization and in the order of their maturity levels. The order of the items for each level doesn’t represent their importance or the order in which they should be pursued.


## Level 1

- Alerts

- Reporting

## Level 2

- SIEM


- Data loss prevention


- Vulnerability scanning

- Cyber intelligence


## Level 3

- DNS query monitoring

- Anonymizer network monitoring


- Honeypots


___







Get a recap of how monitoring and detection have been discussed in this chapter.


Summary: Detect

Get a recap of how monitoring and detection have been discussed in this chapter.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Summary: Detect

Overview

Mitigation

Keep an inventory of assets

Cyber intelligence

Maturity levels of the items covered

Level 1

Level 2

Level 3