Gain insights into cyber security fundamentals, explore common threats, discover protection mechanisms like firewalls, learn monitoring and response strategies, and develop secure systems as a developer.

Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

A network can be thought of as the circulatory system of an organization as it provides connectivity and communication in the following ways:


- Email

- Connectivity to printers and scanners

- Access to data repositories and cloud-based apps

- Instant messenger and chat

- Streaming music

- Voice over IP (VoIP)

- Web browsing

Although a network provides a conduit for legitimate activity, it’s also the same system that attackers can leverage to:

- Monitor activity 

- Exfiltrate sensitive data 

- Install backdoors and other malware 

Therefore, the network’s security is paramount.

## Providing Wi-Fi access

The organization may offer **Wi-Fi** to provide internet connectivity for employee’s mobile devices. A recommended way to provide this Wi-Fi service is to have two separate networks:


- One for production access

- One for guests and personal use

 While the production network should be monitored, we may not want to monitor the guest network. This is because there may be activities that the organization doesn’t want to be liable for. If this network isn’t monitored, the organization has plausible deniability if malicious, inappropriate, or illegal activity is discovered to have been performed by someone utilizing the network.

## Caution when relying on cloud service providers

Organizations increasingly depend on **cloud service providers** for the following services:
 

- File and data storage 

- Software as a service (SaaS) 

- Computational power

There are many more examples. Yet, this means using and relying on networks that are out of the organization’s direct control. Trust has to be extended to these providers. The challenge is taking advantage of everything the cloud provides without increasing the risk to the organization or expanding its attack surface. The importance of performing a thorough review of agreements with cloud service providers can’t be overstated.


# Overview

A network can be thought of as the circulatory system of an organization as it provides connectivity and communication in the following ways:


- Email

- Connectivity to printers and scanners

- Access to data repositories and cloud-based apps

- Instant messenger and chat

- Streaming music

- Voice over IP (VoIP)

- Web browsing

Although a network provides a conduit for legitimate activity, it’s also the same system that attackers can leverage to:

- Monitor activity 

- Exfiltrate sensitive data 

- Install backdoors and other malware 

Therefore, the network’s security is paramount.

# Providing Wi-Fi access

The organization may offer **Wi-Fi** to provide internet connectivity for employee’s mobile devices. A recommended way to provide this Wi-Fi service is to have two separate networks:


- One for production access

- One for guests and personal use

 While the production network should be monitored, we may not want to monitor the guest network. This is because there may be activities that the organization doesn’t want to be liable for. If this network isn’t monitored, the organization has plausible deniability if malicious, inappropriate, or illegal activity is discovered to have been performed by someone utilizing the network.

# Caution when relying on cloud service providers

Organizations increasingly depend on **cloud service providers** for the following services:
 

- File and data storage 

- Software as a service (SaaS) 

- Computational power

There are many more examples. Yet, this means using and relying on networks that are out of the organization’s direct control. Trust has to be extended to these providers. The challenge is taking advantage of everything the cloud provides without increasing the risk to the organization or expanding its attack surface. The importance of performing a thorough review of agreements with cloud service providers can’t be overstated.


Learn about general ways to protect an organization's network, including safeguarding its Wi-Fi access and using cloud services carefully.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Network Protection

Overview