Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Using security solutions effectively

Many security solutions are available to protect endpoint devices, the network, and end users. Using the right combination of controls helps reduce the risk of attack and increases awareness of malicious activity that may be taking place within an organization’s IT systems.

## Maturity levels of the items covered

The maturity level assigned to each item represents the level of maturity an organization’s security team (or SOC) should be at to implement the respective security control effectively. It’s recommended that an organization only pursue the appropriate security controls  in the order of their maturity levels. Remember that the order of the items for each level doesn’t represent their importance or the order they should be pursued in.
### Level 1

- Configuration management database (CMDB)

- Antivirus (AV)

- Host-based network firewall

- Address space layout randomization (ASLR)

- Data execution prevention (DEP)

- Network firewall

- Security awareness training

### Level 2

- Host intrusion detection system (HIDS)

- Host intrusion prevention system (HIPS)

- Web browser firewall

- Network intrusion prevention system (NIPS)

- Email gateway

- Internet proxy

### Level 3

- File integrity checker (FIC)

- Containerization, virtualization, and sandboxing

- Web application firewall (WAF)

- Database firewall

- Malware prevention system (MPS)

- Jump server

___

# Using security solutions effectively

Many security solutions are available to protect endpoint devices, the network, and end users. Using the right combination of controls helps reduce the risk of attack and increases awareness of malicious activity that may be taking place within an organization’s IT systems.

# Maturity levels of the items covered

The maturity level assigned to each item represents the level of maturity an organization’s security team (or SOC) should be at to implement the respective security control effectively. It’s recommended that an organization only pursue the appropriate security controls  in the order of their maturity levels. Remember that the order of the items for each level doesn’t represent their importance or the order they should be pursued in.
## Level 1

- Configuration management database (CMDB)

- Antivirus (AV)

- Host-based network firewall

- Address space layout randomization (ASLR)

- Data execution prevention (DEP)

- Network firewall

- Security awareness training

## Level 2

- Host intrusion detection system (HIDS)

- Host intrusion prevention system (HIPS)

- Web browser firewall

- Network intrusion prevention system (NIPS)

- Email gateway

- Internet proxy

## Level 3

- File integrity checker (FIC)

- Containerization, virtualization, and sandboxing

- Web application firewall (WAF)

- Database firewall

- Malware prevention system (MPS)

- Jump server

___

Get a recap of how to protect an organization from cyber threats.


Summary: Protect

Get a recap of how to protect an organization from cyber threats.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Summary: Protect

Using security solutions effectively

Maturity levels of the items covered

Level 1

Level 2

Level 3