Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Importance of ticketing

For a team of security analysts handling possibly hundreds of events daily, communication and documentation are essential. This prevents the duplication of work, reduces confusion, and helps ensure that events are responded to in a correct, timely, and consistent manner. A formal ticketing system can facilitate documentation that other team members can consult. This is just a partial list of what ticket handling documentation can provide:

- Educational material for other analysts to learn how to handle future events.

- Materials to support further investigation of events. Documentation needs to be retained for an amount of time that’s defined by the team 
or organization.


- Support for the research and correlation of other security events and incidents.

- Assistance identifying commonalities across multiple events.


## Safeguard security tickets

The ticketing system already used by the organization should be leveraged if possible. There is a caveat to this, however. Given that the content of these security tickets should be considered confidential, this data should physically reside in a secured location with controls that ensure least privilege, confidentiality, and data integrity. For example, the tickets could be stored in a repository database that resides on a network segment protected by a separate firewall.

# Importance of ticketing

For a team of security analysts handling possibly hundreds of events daily, communication and documentation are essential. This prevents the duplication of work, reduces confusion, and helps ensure that events are responded to in a correct, timely, and consistent manner. A formal ticketing system can facilitate documentation that other team members can consult. This is just a partial list of what ticket handling documentation can provide:

- Educational material for other analysts to learn how to handle future events.

- Materials to support further investigation of events. Documentation needs to be retained for an amount of time that’s defined by the team 
or organization.


- Support for the research and correlation of other security events and incidents.

- Assistance identifying commonalities across multiple events.


# Safeguard security tickets

The ticketing system already used by the organization should be leveraged if possible. There is a caveat to this, however. Given that the content of these security tickets should be considered confidential, this data should physically reside in a secured location with controls that ensure least privilege, confidentiality, and data integrity. For example, the tickets could be stored in a repository database that resides on a network segment protected by a separate firewall.

Learn to use a ticketing system to document security events.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Support Tickets

Importance of ticketing

Safeguard security tickets