Gain insights into cyber security fundamentals, explore common threats, discover protection mechanisms like firewalls, learn monitoring and response strategies, and develop secure systems as a developer.

Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Table top exercises

A plan has little value if it hasn’t been rehearsed. Running through an IRP before responding to an actual incident provides several benefits:


- First, it validates the plan itself, ensuring that it’s current, relevant, and accurate.

- Next, it lets the team responsible for executing the incident plan practice.
 

- Finally, it provides the opportunity to identify areas of improvement and adapt to an ever-changing threat environment. Each exercise yields opportunities for improvement, thereby improving the plan’s quality.


A tabletop exercise is a scheduled meeting with the security team where a scenario is presented. This scenario is prepared ahead of time. It should be realistic and should challenge the team to determine the best way to respond. As the team works through the scenario, someone should take notes because what’s documented may end up in the final incident response plan.


## Lessons learned

One of the most critical phases of incident response is the after-action review. Once operations have been restored to their default state, a meeting should be set up with the team to review notes taken by the scribe. This is an excellent opportunity to review the incident and identify changes that can be made to improve the response plan if the incident were to occur again. Once updates to the plan have been made, we should add them to a centralized document repository that the entire team has access to and run through them again in a future tabletop exercise.






# Table top exercises

A plan has little value if it hasn’t been rehearsed. Running through an IRP before responding to an actual incident provides several benefits:


- First, it validates the plan itself, ensuring that it’s current, relevant, and accurate.

- Next, it lets the team responsible for executing the incident plan practice.
 

- Finally, it provides the opportunity to identify areas of improvement and adapt to an ever-changing threat environment. Each exercise yields opportunities for improvement, thereby improving the plan’s quality.


A tabletop exercise is a scheduled meeting with the security team where a scenario is presented. This scenario is prepared ahead of time. It should be realistic and should challenge the team to determine the best way to respond. As the team works through the scenario, someone should take notes because what’s documented may end up in the final incident response plan.


# Lessons learned

One of the most critical phases of incident response is the after-action review. Once operations have been restored to their default state, a meeting should be set up with the team to review notes taken by the scribe. This is an excellent opportunity to review the incident and identify changes that can be made to improve the response plan if the incident were to occur again. Once updates to the plan have been made, we should add them to a centralized document repository that the entire team has access to and run through them again in a future tabletop exercise.






Learn the importance of rehearsing an IRP and the actions to take after an incident concludes.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Tabletop Exercises and Lessons Learned

Table top exercises