- Course
OWASP: Insecure Design
Insecure design is a top-tier security risk that can't be patched in code. This course will teach you to architect resilience, conduct lightweight threat modeling, and integrate security into the design phase of your SDLC.
Intermediate
- Course
OWASP: Insecure Design
Insecure design is a top-tier security risk that can't be patched in code. This course will teach you to architect resilience, conduct lightweight threat modeling, and integrate security into the design phase of your SDLC.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
Flaws in a system's architecture are often the costliest to fix and can't be resolved by secure coding alone. In this course, OWASP: Insecure Design, you’ll learn how to integrate security into the very foundation of your software. First, you’ll explore lightweight threat modeling using STRIDE and abuse cases to find weaknesses before a single line of code is written. Next, you’ll discover how to apply core security-by-design principles to protect sensitive data, enforce trust boundaries, and prevent common architectural CWEs. Finally, you’ll learn how to incorporate security reviews and Architecture Decision Records (ADRs) into your SDLC to ensure security is a repeatable part of your engineering culture. When you’re finished with this course, you’ll have the skills and knowledge needed to architect resilient systems and mitigate the #4 OWASP top ten risk: Insecure Design.
OWASP: Insecure Design
Intermediate
Table of contents
Dusan is a Senior Software Engineer and App Sec Tech Lead with over a decade of experience. He specializes in securing enterprise solutions and is passionate about learning and teaching others.
