Books & Videos

Table of Contents

Chapter: Introduction

Welcome to the Course

04m 40s

Attacks in the News

13m 19s

What We Tell Others

09m 0s

Trusted vs Trustworthy

11m 57s

Security Features

08m 30s

Principle of Least Privilege

05m 21s

Attacking Infrastructure

12m 10s

Convincing Developers

07m 55s

Beyond Perimeter Defense

07m 9s

Chapter: Security Engineering

Introduction to Security Engineering

10m 37s

Economics of Security

11m 41s

Motivation

09m 24s

Security Protocols

24m 30s

Chapter: Software Security

Introduction to Software Security

10m 45s

Risk Management

05m 15s

Security Testing

09m 32s

Architectural Risk Assessment

10m 46s

Principle: Protecting the Weakest Link

05m 54s

Principle: Defense in Depth

06m 9s

Principle: Fail Securely

07m 28s

Principle: Least Privilege

09m 17s

Principle: Log Securely

07m 7s

Principle: Trust Judiciously

09m 42s

Tools

10m 35s

Chapter: Threat Modeling

Introduction to Threat Modeling

06m 11s

STRIDE

04m 51s

Attack Trees

09m 29s

Accounts

13m 8s

Web and Cloud

08m 11s

Chapter: Security in the Organization

Introduction to Security in the Organization

09m 52s

Stakeholders

07m 36s

Teams: Security Teams

07m 42s

Teams: Developers

03m 31s

Teams: Operations

03m 49s

Software Lifecycles

07m 0s

Chapter: Web Security

Password Policies

19m 25s

Feature: HTTP Basic

05m 23s

Feature: HTTP Digest

05m 7s

Feature: TLS

10m 56s

Feature: OAuth

19m 27s

Feature: HTTP Signatures

07m 56s

Feature: JWT

06m 5s

Feature: CORS

12m 41s

Feature: CSP

06m 40s

Feature: HSTS

05m 19s

Feature: WAFs and Firewalls

04m 8s

Chapter: Attacks

Attack Overview

01m 11s

Phishing

06m 35s

XSS and HTML Injection

07m 6s

CSRF

05m 24s

SQL Injection

04m 22s

TLS Attacks: BEAST, BREACH, CRIME

22m 16s

TLS Attacks: Heartbleed

06m 27s

TLS Attacks: POODLE

05m 57s

Chapter: The Future

The Future

09m 32s

Next Steps

09m 56s