This course takes a nuts and bolts approach to helping you design and implement applications to be secure from the ground up. Whether you are early in your career, or a seasoned veteran, every security professional should know these principles. Specifically, we will focus on three key areas:
Computer Security Principles – we will explore security objectives such as authentication, authorization, access control, confidentiality, data integrity and non-repudiation. The module also covers software design principles, including the principles of least privilege, fail-safe stance and defense-in-depth.
Secure Programming Techniques – in this module you will learn about the threats that worms and hackers present to software, as well as the programming techniques that developers can use to defend against these vulnerabilities. Some of the attacks covered are buffer overflows, SQL injection, and off-line dictionary attacks. The module also covers common mistakes made in using cryptographic libraries and how they can be avoided.
Cryptography – you will be introduced to both symmetric encryption and public-key cryptography, discussing how they are used to achieve security goals and build PKI (Public-Key Infrastructure) systems. The module also covers DES, 3DES, AES, RC4, RSA, ECC, MD5, SHA-1, X.509, digital signatures and all cryptographic primitives necessary to understand PKI. Diffie-Hellman key exchange and man-in-the-middle attacks will also be discussed.
You Will Learn
- Computer Security Design and Principles
- Worms and Other Malware
- Introduction to Cryptography
- Secure Programming Techniques
- Michael Duff, Chief Information Security Officer, Stanford University
- Mukul Khullar, Staff Information Security Engineer, LinkedIn
- Parisa Tabriz, Engineering Director, Google
We recommend you have the equivalent of a BS in Computer Science and/or a background in security.
As our introductory course it is recommended for learners who are less familiar to begin the program here.
*Note - this course does not require an application.
- $595 for Software Security Foundations
- $75 one-time document fee ?
Continuing Education Units
By completing this course, you’ll earn 1 Continuing Education Unit (CEU). CEUs cannot be applied toward any Stanford degree. CEU transferability is subject to the receiving institution’s policies.
Record of Completion
When you complete each course, you’ll receive an email with a link to download your Record of Completion. This email will be sent to the address you provide in your mystanfordconnection within 3 business days of course completion.