Prerequisites: CMIS 320 and SDEV 300. An in-depth, practical application of techniques and tools for detecting and documenting software vulnerabilities and risks. The goal is to research, select, and use software to analyze code and isolate and prioritize application code and processes that could lead to failure or compromise data integrity or privacy. Topics include the top 25 software vulnerabilities, secure coding guidelines, static code analysis, and software assurance metrics.
After completing this course, you should be able to:
- Use fundamental application security concepts and models to write secure code and build secure applications
- Write and analyze code in a variety of languages (Java, .net, and C/C++) and apply security best practices and concepts to minimize software vulnerabilities
- Select and use software security tools to identify software vulnerabilities
- Document results by providing risk security analysis and prioritizing software vulnerability mitigation recommendations
- Research current trends in application security in order to adapt to new threats and vulnerabilities