Enterprises around the world have identified cyber security as a top concern. Security vulnerabilities leave companies open to hacking and security breaches. This course will teach you tools to fight against security vulnerabilities and attacks. You'll learn the fundamentals of software security and a security-centered software development process, where bugs typically live and how to find them, and specific techniques such as manual and automated code reviews. When you're finished with this training course, you'll understand the major security domains and have some ideas for securing your software that you can apply right away.
Dr. Jared DeMott is the founder of the security company, Vulnerability Discovery & Analysis (VDA) Labs. DeMott is a former NSA security analyst, Microsoft BlueHat Prize winner, and was the CTO and Binary Defense. He's frequently quoted in media, and invited to speak at security events.
Course Overview Hi everyone, my name is Dr. Jared DeMott, and welcome to my course, Security for Hackers and Developers: an Overview. I've been breaking and securing software for 16 years, and I've trained and spoken at leading security conferences like Black Hat and many other places as well. And here's the thing, enterprises all around the world have identified cyber security as the top risk to their business. Flaws in software are a huge part of why the bad guys keep getting in. So in this course we're going to learn to fight back. I've got a whole series of courses planned actually, and as we dig deeper and deeper into each topic, we'll get to those, but first we must understand the fundamentals of software security, which is what this course provides. So in this course I'll teach the basics of software security, and a security-oriented development process, we'll see where bugs tend to live and how to begin finding them, and finally I'll cover specific techniques such as manual and automated code review. By the end of the course, you'll understand more about the major domains within security, and you'll be able to start securing your own software, and have basic ideas about software attack as well. Before beginning the class, you should simply be familiar with software basics. So I hope you'll join me on this journey to learn software security with the Security for Hackers and Developers course at Pluralsight.
Understanding the Security Development Lifecycle - SDL Dr. DeMott here, and welcome to module two, Understanding the Security Development Lifecycle. In this module we're going to talk about raising the security IQ of your entire organization. We're going to talk about the SDL, and we're going to talk about why it's important to push security to the left. Attack surface reduction is always important, and threat modeling is one of the key ways we can do that from the get-go.