Secure Software Design: OWASP, Threat Modeling & DevSecOps

Fundamentals of Secure Software Design

Build secure software from day one by mastering threat modeling, OWASP Top 10, secure coding, and DevSecOps automation. Learn to design, test, and deploy resilient applications using real-world tools and AI-assisted security workflows.

Interested in this course? Email us at [email protected]

Course curriculum

1. Segment 01 - Course Introduction
2. Segment 02 - Module Introduction 
3. Segment 03 - The Cost of Insecure Software- Real-World Breach Analysis-
4. Segment 04 - Analyzing the Extraterritorial Reach of US and EU Regulations
5. Segment 05 - Thinking Like an Attacker - Attack Surface Analysis Walkthrough
1. Segment 06 - Secure Design Principles _ CIA Triad in Practice
2. Segment 07 - Core Security Principles Least Privilege_ Defense in Depth_ and Zero Trust
3. Segment 08 - Implementing Role-Based Access Control (RBAC) in Python
1. Segment 09 - Leveraging AI for Regulatory Intelligence and Updates
2. Segment 10 - Summarizing Complex Directives and Regulations with AI
3. Segment 11 - Engineering Prompts for Accurate Legal Interpretation
4. Segment 12 - Reading : OWASP Threat Modeling Guide
5. Segment 13 - Hands-on-Lab : Threat Modeling a User Authentication System with GenAI Assistance
6. Segment 14 - Roleplay Activity : Conducting Your First Security Threat Assessment Meeting
1. Segment 15 - Module Introduction 
2. Segment 16 - Understanding the OWASP Top 10 and Injection Attacks
3. Segment 17 - Broken Access Control IDOR_ Privilege Escalation_ and Path Traversal
4. Segment 18 - Fixing Injection and Access Control Flaws in Python
1. Segment 19 - Cross-Site Scripting (XSS)- Types and Attack Vectors
2. Segment 20 - CSRF_ Input Validation_ and Output Encoding Strategies
3. Segment 21 - Implementing XSS and CSRF Protection in JavaScript
1. Segment 22 - Prompting GenAI for Secure Code and Security Analysis
2. Segment 23 - AI Limitations_ Risks_ and Ethical Considerations
3. Segment 24 - AI-Powered Code Review and Test Generation Workflow
4. Segment 25 - Reading : OWASP Top 10 Web Application Security Risks
5. Segment 26 - Hands-on_lab : Building Secure Password Storage and Authentication with AI-Assisted Code Review
6. Segment 27 - RolePlay Activity : Defending Your Code Against a Security Review Rejection
1. Segment 28 - Module Introduction 
2. Segment 29 - OWASP Secure Coding Practices Across Languages
3. Segment 30 - Common Anti-Patterns and Insecure Coding Mistakes-
4. Segment 31 - Refactoring Insecure Code Hands-On Exercise
1. Segment 32 - Security Testing Types SAST_ DAST_ and SCA
2. Segment 33 - DevSecOps and Shift-Left Security Culture
3. Segment 34 - Integrating Security Tools into CICD Pipelines
1. Segment 35 - Prompting GenAI for Secure Code and Security Analysis
2. Segment 36 - AI Limitations_ Risks_ and Ethical Considerations
3. Segment 37 - AI-Powered Code Review and Test Generation Workflow
4. Segment 38 - Reading : OWASP DevSecOps Guideline
5. Segment 39 - Hands-on-Lab: Building an Automated Security Testing Pipeline with AI-Powered Code Review
6. Segment 40 - RolePlay Activity : Justifying Security Automation Investment to Engineering Leadership
1. Segment 41 - Module Introduction 
2. Segment 42 - OWASP API Security Top 10 and Common API Vulnerabilities
3. Segment 43 - API Authentication_ Authorization_ and Rate Limiting Strategies
4. Segment 44 - Building a Secure REST API with Authentication and Rate Limiting
1. Segment 45 - Cloud Shared Responsibility Model and Secure Cloud Patterns-
2. Segment 46 - Container Security and Infrastructure as Code Best Practices-
3. Segment 47 - Writing Hardened Dockerfiles and Scanning Container Image
1. Segment 48 - Writing Hardened Dockerfiles and Scanning Container Image
2. Segment 49 - Security Policy Development and Governance Gap Analysis
3. Segment 50 - Complete Secure Architecture Blueprint and Capstone Project Guide
4. Segment 51 - Reading : OWASP API Security Top 10
5. Segment 52 - Hands-on-Lab: Designing a Complete Secure SaaS Application with API Security and Governance Framework
6. Segment 53 - Roleplay Activity : Presenting Your Secure Architecture Design to the CISO
1. Segment 54 - Course Wrap-up Video
2. Segment 55 - Quiz : Fundamentals of Secure Software Design
3. Segment 56 - Project : Design Your Secure Application Architecture

About this course

Free
56 lessons
4.5 hours of video content

Discover your potential, starting today

Enroll today

Fundamentals of Secure Software Design

Course curriculum

Module 1: Why Software Gets Hacked (and How to Think Defensively)

Module 2: Secure Design Principles & CIA Triad in Practice

Module 3: Threat Modeling in Practice (with GenAI Assistance)

Module 4: OWASP Top 10 Deep Dive: Injection & Broken Access Control

Module 5: XSS, CSRF, and Client-Side Security

Module 6: Secure Authentication, Secrets & Data Protection

Module 7: Secure Coding Practices & Anti-Patterns

Module 8: Automated Security Testing & DevSecOps Integration

Module 9: Using GenAI for Secure Code Generation & Review

Module 10: Designing Secure APIs & Microservices

Module 11: Secure Cloud & Container Deployment

Module 12: Cybersecurity Governance, Policy & Secure Architecture Blueprints

Module 13: Course Conclusion

About this course

Discover your potential, starting today