In today’s interconnected and increasingly digital world, secure coding is a fundamental aspect of responsible and trustworthy software development. It is essential for ensuring programs and systems are resistant to security threats, and enables you to employ secure design principles and implement safeguards to avoid potential risks.
This eight-week course is developed in partnership with the University of Waterloo's Cybersecurity and Privacy Institute. Designed for software developers and engineers, this course introduces key concepts for securing software applications so you can protect sensitive data, prevent security breaches, and ensure the reliability and trustworthiness of software products. It explores the strategies you can use throughout the software development lifecycle to make code more secure and reduce the need for costly security patches in the future.
Through case studies featuring real-world examples, you will discover the common vulnerabilities that exist within systems and better understand how to protect against them. You will also learn how modern secure coding tools and practices, such as secure coding with artificial intelligence (AI), can minimize risk and foster a safer and more resilient digital environment for your organization and your users.
- Software developers or engineers (at any level) who need to know how to prevent possible security risks and vulnerabilities.
- Software development teams tasked with implementing cybersecurity awareness (e.g.,
analysts and architects).
Prerequisites
- At least two years of coding experience in Java, Python, C, C++, or JavaScript is required.
Learn alongside your team!
WatSPEED provides custom learning experiences tailored for large groups from any single organization. Register three or more employees from the same organization and receive 15 per cent off. Contact our team at watspeed@uwaterloo.ca for details.
- Follow software development lifecycle (SDLC) guidelines to develop safe coding habits.
- Use secure design principles to check code for security issues and implement fixes with CodeQL.
- Understand and explain the requirements for designing secure software systems.
- Explore how code generation tools can aid in project workflow or pose security risks.
|
Module Title |
Main Topics / Learning Outcomes |
|
Module 1: Introduction |
|
|
Module 2: Architecture and Design |
|
|
Module 3: Implementation |
|
|
Module 4: Secure Coding with AI |
|
|
Module 5: Fuzzing, Profilers, and Penetration Testing |
|
- Receive instruction from secure coding experts in a course authored by University of Waterloo faculty.
- Participate in approximately five hours of independent, online learning each week (including reflection and discussion tasks, exercises, and assignments.)
- Practice identifying and reporting security vulnerabilities through diagnostic exercises.
- Integrate your learning into real-world scenarios with hands-on lab simulations.
System requirements
Receive a certificate from the University of Waterloo
Upon successful completion of this program, you will receive a professional education certificate from the University of Waterloo.
Mei Nagappan
Associate Professor, David R. Cheriton School of Computer Science, University of Waterloo | Program Author
Mei Nagappan is an associate professor and the current Ross and Muriel Cheriton faculty fellow in the David R. Cheriton School of Computer Science at the University of Waterloo. His area of research and expertise is focused on deriving solutions that encompass the various stakeholders of software systems, addressing common concerns for software developers, engineers, operators, testers, and project managers. He is also interested in studying big data empirical software engineering by mining ultra large repositories of software to identify patterns and relationships in large ecosystems.
Mei was formerly an assistant professor at the software engineering department at the Rochester Institute of Technology. Before that, he was a post-doctoral fellow with the Software Analysis and Intelligence Lab (SAIL) in the School of Computing at Queens University. He has a PhD in computer science from North Carolina State University. His research interests are in 'Big Data' Empirical Software Engineering by mining Ultra Large repositories of software to identify patterns and relationships in large ecosystems.
Cuneyt Karul
Certified Information Systems Security Professional | Course Instructor
Cuneyt Karul has decades of experience in software development, architecture, and cybersecurity. His extensive career spans diverse sectors such as algorithmic trading, encryption, networking, scientific simulation, and telecom billing. Currently serving as the vice-president of IT and Security Operations at Hootsuite, a global leader in social media management, Karul oversees strategic initiatives to ensure robust security measures and efficient IT operations.
Karul is a Certified Information Systems Security Professional (CISSP) with the International Information Systems Security Certification Consortium, Inc (ISC2), Certified Information Security Manager (CISM) with ISACA, and a RESILIA Foundation and RESILIA Practitioner certification owner with AXELOS Global Best Practice. He holds BSc., MSc and PhD degrees in engineering from Middle East Technical University.