This course is about how to consider security from the earliest steps of software development. In this course we learn:
- Different types of software vulnerabilities in C/C++
  - Stack-based BoF
  - Heap-based BoF
  - Integer Overflow
  - Use After Free
  - Buffer Overread
- Protection mechanisms against C/C++ vulnerabilities
  - DEP, ASLR, Canary, Fortify, etc.
- Different types of software vulnerabilities in web applications
  - Wrong session management
  - CSRF
  - XSS
  - SQL injection
  - LFI/RFI
  - Command Injection
- Secure Software Development
  - Security requirement analysis
  - Security-oriented software design
  - Code review, secure testing
  - Security maintenance
- Software Vulnerability Mitigation
  - Vulnerability Avoidance
  - Vulnerability Removal
    - Static analysis methods
    - Dynamic analysis methods
    - Hybrid analysis methods
    - Fuzzing and vulnerability detection
  - Vulnerability Tolerance