Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

An individual or an organization registers a domain name. It’s often intended to represent an entity on the internet. For example, `microsoft.com` is the web presence for the Microsoft Corporation. A domain can be thought of as a mailing address, and one or more rooms or hosts can be at that address. For example, `www.microsoft.com` is the main website for Microsoft, whereas `update.microsoft.com` is a software update site that Microsoft also hosts.


## Complicated domain names

Domain names don’t have to be easy to read The domain `caff5nzmnlb0jyorapa.com` may also be legitimate , but it’s impossible to know what it represents just by looking at it. This is where the value of cyber intelligence comes in. If an intel feed provides the IOC `caff5nzmnlb0jyorapa.com`, and the feed is trustworthy, then this domain can be plugged into detective and protective controls. As a result, an alert is thrown if a device attempts to visit this domain, identifying a potentially compromised device. An internet proxy could alternatively block the domain altogether.




# Overview

An individual or an organization registers a domain name. It’s often intended to represent an entity on the internet. For example, `microsoft.com` is the web presence for the Microsoft Corporation. A domain can be thought of as a mailing address, and one or more rooms or hosts can be at that address. For example, `www.microsoft.com` is the main website for Microsoft, whereas `update.microsoft.com` is a software update site that Microsoft also hosts.


# Complicated domain names

Domain names don’t have to be easy to read The domain `caff5nzmnlb0jyorapa.com` may also be legitimate , but it’s impossible to know what it represents just by looking at it. This is where the value of cyber intelligence comes in. If an intel feed provides the IOC `caff5nzmnlb0jyorapa.com`, and the feed is trustworthy, then this domain can be plugged into detective and protective controls. As a result, an alert is thrown if a device attempts to visit this domain, identifying a potentially compromised device. An internet proxy could alternatively block the domain altogether.




Learn how to monitor network traffic through domain names.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Domain Names

Overview

Complicated domain names