Security is not a feature you add at the end. This course covers threat modelling, cryptographic primitives, authentication and access control, the most common attack classes, and the development practices that reduce exposure.
Outcomes
- Produce a structured threat model for a software system
- Apply symmetric and asymmetric cryptography to real authentication problems
- Identify and exploit common web vulnerabilities in a controlled lab environment
- Audit code for access-control weaknesses and implement targeted fixes
Outline
Start →- 01 Threat Modelling Identifying assets, threats, and attack surfaces before writing a line of security code.
- 02 Cryptography Basics Symmetric and asymmetric encryption, hash functions, digital signatures, and TLS.
- 03 Authentication and Access Control Passwords, hashing, MFA, session management, and role-based access control.
- 04 Common Attack Classes Injection, XSS, CSRF, broken authentication, and the OWASP Top Ten in practice.