
Key Information
About the content
This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. Successful learners in this course typically have completed sophomore/junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++ and one other "managed" program language (like ML or Java), and have prior exposure to algorithms. Students not familiar with these languages but with others can improve their skills through online web tutorials.
Syllabus
- Week 1 - OVERVIEW
Overview and expectations of the course - Week 1 - LOW-LEVEL SECURITY
Low-level security: Attacks and exploits - Week 2 - DEFENDING AGAINST LOW-LEVEL EXPLOITS
Defending against low-level exploits - Week 3 - WEB SECURITY
Web security: Attacks and defenses - Week 4 - SECURE SOFTWARE DEVELOPMENT
Designing and Building Secure Software - Week 5 - PROGRAM ANALYSIS
Static Program Analysis - Week 6 - PEN TESTING
Penetration and Fuzz Testing
Instructors
Michael Hicks
Professor
Department of Computer Science
Content Designer

The University of Maryland is the state's flagship university and one of the nation's preeminent public research universities. A global leader in research, entrepreneurship and innovation, the university is home to more than 37,000 students, 9,000 faculty and staff, and 250 academic programs. Its faculty includes three Nobel laureates, three Pulitzer Prize winners, 47 members of the national academies and scores of Fulbright scholars. The institution has a $1.8 billion operating budget, secures $500 million annually in external research funding and recently completed a $1 billion fundraising campaign.
Platform

Coursera is a digital company offering massive open online course founded by computer teachers Andrew Ng and Daphne Koller Stanford University, located in Mountain View, California.
Coursera works with top universities and organizations to make some of their courses available online, and offers courses in many subjects, including: physics, engineering, humanities, medicine, biology, social sciences, mathematics, business, computer science, digital marketing, data science, and other subjects.
Really a great course and so far the best in the serries. I enjoyed the interviews most it was very usefull information.


Really a great course and so far the best in the serries. I enjoyed the interviews most it was very usefull information.

assignment level of difficulty is very good but videos doesn't deep dive into concepts. they just brief about concepts.quality of videos can be improved

Good foundations, feels a bit dated though as the Web Security sections seem more focused on vulnerabilities more common in PHP/pre-Web 2.0 & the rise of modern frameworks such as Ruby on Rails, which is surprising for a series that came out in 2014. Still essential knowledge though for software security 101.

This was an awesome course. Tough, very informative and lots of fun. There were a few struggles here and there but it's worth sticking to it till completion. Very satisfied.

Nice course. One remark, it is necessary to review version compatibility of mentioned virtualbox against today OS versions, mainly macOSX.