Secure Coding Techniques Syllabus

The document outlines a course on Secure Coding Techniques, focusing on information security objectives, recent cyber attack trends, and secure coding practices in various programming languages. It covers topics such as OWASP Top 10 vulnerabilities, threat modeling, and secure design principles. The course aims to equip students with the skills to write secure code and understand the importance of security throughout the software development lifecycle.

Uploaded by

sudheergidla

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

27 views2 pages

Secure Coding Techniques Syllabus

Uploaded by

sudheergidla

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

IV Year - I Semester Code: 20CS7E05 L -3 T -0 P -0 C-3

SECURE CODING TECHNIQUES

Course Outcomes:
At the end of the Course, student will be able to:
Differentiate the objectives of information security
Understand the trend, reasons and impact of the recent Cyber attacks
Understand OWASP design principles while designing a web application
Understand Threat modelling
Importance of security in all phases of SDLC
Write secure coding using some of the practices in C/C++/Java and Python programming languages

UNIT I
Network and Information security Fundamentals: Network Basics, Network Components, Network
Types, Network Communication Types, Introduction to Networking Models, Cyber Security Objectives
and Services, Other Terms of Cyber Security, Myths Around Cyber Security, Myths Around Cyber
Security, Recent Cyber Attacks, Generic Conclusion about Attacks, Why and What is Cyber Security,
Categories of Attack

UNIT II
Introduction to Cyber security: Introduction to OWASP Top 10, A1 Injection, A1 Injection Risks
Root Causes and its Mitigation, A1 Injection, A2 Broken Authentication and Session Management, A7
Cross Site Scripting XSS,A3 Sensitive Data Exposure, A5 Broken Access Control, A4 XML External
Entity (XEE), A6 Security Misconfiguration, A7 Missing Function Level Access Control, A8 Cross
Site Request Forgery CSRF, A8 Insecure Deserialization, A9 Using Components With Known
Vulnerabilities, A10 Unvalidated Redirects and Forwards, A10 Insufficient Logging and Monitoring,
Secure Coding Practices, Secure Design Principles, Threat Modeling, Microsoft SDL Tool

UNIT III
Secure coding practices and OWASP Top 10: Declarative Security, Programmatic Security,
Concurrency, Configuration, Cryptography, Input and Output Sanitization, Error Handling, Input
Validation, Logging and auditing, Session Management, Exception Management, Safe APIs, Type
Safety, Memory Management, Tokenizing, Sandboxing, Static and dynamic testing, vulnerability
scanning and penetration testing

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING BR20 REGULATIONS

UNIT IV
Secure coding practices in C/C++ and Java: Potential Software Risks in C/C++, Defensive coding,
Preventative Planning, Clean Code, Iterative Design, Assertions, Pre Post Conditions, Low level design
inspections, Unit Tests
Java- Managing Denial of Service, Securing Information, Data Integrity, Accessibility and
Extensibility, Securing Objects, Serialization Security

UNIT V
Secure coding in Python: Interactive Python Scripting, Python Variables, Conditionals, Loops,
Functions, External Modules, File operations, Web requests

Text Books:
1. Networking Fundamentals, 2019 edition, Packt, Author: Gordon Davies
2. Principles of Information Security, Authors: Michael E. Whitman and Herbert J. Mattord, Course
technology incorp.
3. CSSLP SECURE SOFTWARE LIFECYCLE PROFESSIONAL ALL-IN-ONE EXAM GUIDE,
Third Edition, 3rd Edition, Authors: Wm. Arthur Conklin, Daniel Paul Shoemaker, Released February
2022,Publisher(s): McGraw-Hill,ISBN: 9781264258215
4. OCP Oracle Certified Professional Java SE 11 Programmer II Study Guide: Exam 1Z0-816 and
Exam 1Z0-817 Paperback – 6 August 2020, Authors: Scott Selikoff , Jeanne Boyarsky
5. OWASP 2017 Handbook,
[Link]

Web Reference : 1.[Link] myths-vs-reality/

2. [Link]

DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING BR20 REGULATIONS

Cyber Security and Applications
No ratings yet
Cyber Security and Applications
4 pages
Tlep Ecs IV Sem
No ratings yet
Tlep Ecs IV Sem
17 pages
SCT Question Bank
No ratings yet
SCT Question Bank
8 pages
Cyber Security and Applications
No ratings yet
Cyber Security and Applications
4 pages
Syllabus Ns (Network Security)
No ratings yet
Syllabus Ns (Network Security)
6 pages
SW Security Course GuideBook - 2017, Semester I
No ratings yet
SW Security Course GuideBook - 2017, Semester I
5 pages
Declarative & Programmatic Security
No ratings yet
Declarative & Programmatic Security
12 pages
Cryptography & Network Security Course
No ratings yet
Cryptography & Network Security Course
5 pages
Network and Web Security Course Content
No ratings yet
Network and Web Security Course Content
2 pages
UF1RAP01 - Security of Computing System
No ratings yet
UF1RAP01 - Security of Computing System
2 pages
20CYS213 - SystemSecurity Evensem2024 25 CDP
No ratings yet
20CYS213 - SystemSecurity Evensem2024 25 CDP
10 pages
IS821 Course Outline Fall 2024
No ratings yet
IS821 Course Outline Fall 2024
3 pages
Morganstateuniversity: Farzad - Moazzami@morgan - Edu
No ratings yet
Morganstateuniversity: Farzad - Moazzami@morgan - Edu
4 pages
CBST
No ratings yet
CBST
22 pages
00 Security Course Intro 2
No ratings yet
00 Security Course Intro 2
11 pages
Course Outline SCS4110
No ratings yet
Course Outline SCS4110
3 pages
Cybersecurity MicroBachelors Guide
No ratings yet
Cybersecurity MicroBachelors Guide
14 pages
Elective Cybersecurity
No ratings yet
Elective Cybersecurity
4 pages
Cyber Security Foundations
No ratings yet
Cyber Security Foundations
7 pages
M.Tech Cyber Security Curriculum
No ratings yet
M.Tech Cyber Security Curriculum
41 pages
MTech CS KIIT Syllabus Y1 v0.3
No ratings yet
MTech CS KIIT Syllabus Y1 v0.3
34 pages
B.Tech Cyber Security Syllabus 2021-22
No ratings yet
B.Tech Cyber Security Syllabus 2021-22
5 pages
CSGE 401 Information Security and Cyber Laws Update Awaited
No ratings yet
CSGE 401 Information Security and Cyber Laws Update Awaited
6 pages
Syllabus
No ratings yet
Syllabus
2 pages
Information Security Course Overview
No ratings yet
Information Security Course Overview
106 pages
BCA Cybersecurity Course Outline
No ratings yet
BCA Cybersecurity Course Outline
5 pages
System Information Security Handout
No ratings yet
System Information Security Handout
4 pages
Secure Software Design Course
No ratings yet
Secure Software Design Course
5 pages
MSC 5 Years Integrated Data Science - Syllabi
No ratings yet
MSC 5 Years Integrated Data Science - Syllabi
22 pages
Advanced Computer Security Curriculum
No ratings yet
Advanced Computer Security Curriculum
6 pages
Foundation of Cyber Security Syllabus
No ratings yet
Foundation of Cyber Security Syllabus
2 pages
Information Security
No ratings yet
Information Security
7 pages
Secure Software Development Syllabus
No ratings yet
Secure Software Development Syllabus
3 pages
SoftSec 01 Intro
No ratings yet
SoftSec 01 Intro
45 pages
IS336 Lecture 0
No ratings yet
IS336 Lecture 0
3 pages
Lesson Plan Theory DIS
No ratings yet
Lesson Plan Theory DIS
10 pages
CS 5950/6030 Network Security Class 1 (W, 8/31/05)
No ratings yet
CS 5950/6030 Network Security Class 1 (W, 8/31/05)
27 pages
Info Security Course Overview
No ratings yet
Info Security Course Overview
52 pages
WAS Lesson Plan New Format
No ratings yet
WAS Lesson Plan New Format
7 pages
CSE Cyber Security Final New
No ratings yet
CSE Cyber Security Final New
15 pages
SAD (Secure Application Development) Lab Manual BE IT 2025-26
No ratings yet
SAD (Secure Application Development) Lab Manual BE IT 2025-26
57 pages
22IT510 and 22IT570 Syllabus
No ratings yet
22IT510 and 22IT570 Syllabus
6 pages
ITM820 - Enterprise Systems Security & Privacy
No ratings yet
ITM820 - Enterprise Systems Security & Privacy
7 pages
CSSY2101 AIS CDP Spring 2023 2024 Signed
No ratings yet
CSSY2101 AIS CDP Spring 2023 2024 Signed
10 pages
Secure Software Development
No ratings yet
Secure Software Development
5 pages
Computer Security Concepts Course Overview
No ratings yet
Computer Security Concepts Course Overview
2 pages
Is Course File
No ratings yet
Is Course File
27 pages
CyberSecurity 3days 2025
No ratings yet
CyberSecurity 3days 2025
10 pages
Courseoutline Fundamental Security (Mekelle)
No ratings yet
Courseoutline Fundamental Security (Mekelle)
2 pages
Software Security for G3 SE Students
No ratings yet
Software Security for G3 SE Students
2 pages
Cryptography Syllabus
No ratings yet
Cryptography Syllabus
2 pages
CIS6013 Web-Application-Security ETH 1 AC41
No ratings yet
CIS6013 Web-Application-Security ETH 1 AC41
9 pages
Csbs 6
No ratings yet
Csbs 6
23 pages
Cybersecurity Global Syllabus
No ratings yet
Cybersecurity Global Syllabus
3 pages
Iv Year I-Semester
No ratings yet
Iv Year I-Semester
45 pages
B.Tech 2nd Year Non-Credit Syllabus
No ratings yet
B.Tech 2nd Year Non-Credit Syllabus
5 pages
Course Outline - Network Security-BESE-3AB-Fall15 - 2 PDF
No ratings yet
Course Outline - Network Security-BESE-3AB-Fall15 - 2 PDF
5 pages
CB3491 CCS
No ratings yet
CB3491 CCS
21 pages
Minor Degree Cyber Security 19-6
No ratings yet
Minor Degree Cyber Security 19-6
20 pages
M.Tech. (Information Security & Cyber Forensics) Full Time Curriculum & Syllabus 2015-16
No ratings yet
M.Tech. (Information Security & Cyber Forensics) Full Time Curriculum & Syllabus 2015-16
42 pages
Os Notes
No ratings yet
Os Notes
6 pages
Unit 3 Mca
No ratings yet
Unit 3 Mca
19 pages
Unit 5 Mca
No ratings yet
Unit 5 Mca
21 pages
Unit 4 Mca
No ratings yet
Unit 4 Mca
17 pages
Web Application Security Testing Resources
No ratings yet
Web Application Security Testing Resources
12 pages
Kali Linux Course Requirements
No ratings yet
Kali Linux Course Requirements
4 pages
Top 100 Cybersecurity Vulnerabilities
No ratings yet
Top 100 Cybersecurity Vulnerabilities
51 pages
Cybersecurity Quiz Insights
No ratings yet
Cybersecurity Quiz Insights
5 pages
Waf Bypassing by Rafaybaloch
No ratings yet
Waf Bypassing by Rafaybaloch
33 pages
Telrock SaaS PCI DSS 3.2.1 Responsibility Matrix Updated June 2021
No ratings yet
Telrock SaaS PCI DSS 3.2.1 Responsibility Matrix Updated June 2021
13 pages
Ccs374 Web Application Security
0% (1)
Ccs374 Web Application Security
21 pages
Kali Linux: Introductory Guide for Cybersecurity
No ratings yet
Kali Linux: Introductory Guide for Cybersecurity
15 pages
Naan Mudhalvannn-Final
No ratings yet
Naan Mudhalvannn-Final
57 pages
An Automated Approach To Vulnerability Assessment and Penetration Testing Using Net-Nirikshak 1.0
No ratings yet
An Automated Approach To Vulnerability Assessment and Penetration Testing Using Net-Nirikshak 1.0
6 pages
ANIK CHATTERJEE - Cyber
No ratings yet
ANIK CHATTERJEE - Cyber
10 pages
Redynox Cyber Security Internship Tasks-1
No ratings yet
Redynox Cyber Security Internship Tasks-1
49 pages
CCS374 Web Application Security
No ratings yet
CCS374 Web Application Security
18 pages
Webscanner Research Paper Draft 250203 192018
No ratings yet
Webscanner Research Paper Draft 250203 192018
4 pages
Web Application Hacking Course Overview
No ratings yet
Web Application Hacking Course Overview
16 pages
NodeJS Security for Developers
No ratings yet
NodeJS Security for Developers
45 pages
Pentesting Reference
No ratings yet
Pentesting Reference
15 pages
Columbia Web Security Standards
100% (1)
Columbia Web Security Standards
14 pages
CW3551-DIS-UNIT-5 Notes
No ratings yet
CW3551-DIS-UNIT-5 Notes
17 pages
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
No ratings yet
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
12 pages
Alda Soro 2022
No ratings yet
Alda Soro 2022
13 pages
Hub Alfresco Com t5 Alfresco Content Services Forum Create C
No ratings yet
Hub Alfresco Com t5 Alfresco Content Services Forum Create C
7 pages
Pentesting Insights 2021
No ratings yet
Pentesting Insights 2021
27 pages
14 Summarizing Secure Application Concepts
No ratings yet
14 Summarizing Secure Application Concepts
31 pages
Attacks On Ebay: By: Jaspuneet Sidhu, Rohit Sakhuja & David Zhou
100% (1)
Attacks On Ebay: By: Jaspuneet Sidhu, Rohit Sakhuja & David Zhou
33 pages
May 2024 Exam
No ratings yet
May 2024 Exam
3 pages
Apache
No ratings yet
Apache
42 pages
Assets, Threats and Vulnerabilities - Module 4
No ratings yet
Assets, Threats and Vulnerabilities - Module 4
35 pages
Tutoriel Xsser
No ratings yet
Tutoriel Xsser
3 pages
CEH v12 Lesson 7 - Web Application Exploitatio
No ratings yet
CEH v12 Lesson 7 - Web Application Exploitatio
40 pages