Unit Description

Many security vulnerabilities and threats arise at the software level. They can often be attributed to poor software design and implementation, including poor understanding of code-level security requirements, inadequate handling of exceptional cases, incomplete descriptions of the interface between components for secure interactions, and insufficient care in the use of programming languages. This unit provides an overall understanding of software security from a programming perspective in a security context, with the aim of improving your ability in designing, implementing and analysing security-critical programs. In this unit, you will learn about secure programming techniques that can be used to detect vulnerabilities in software and defend against attacks such as buffer overflows, SQL injection and cross-site scripting. The module also covers common mistakes made in using programming languages, libraries and frameworks, and how they can be avoided.