Gain insights into cyber security fundamentals, explore common threats, discover protection mechanisms like firewalls, learn monitoring and response strategies, and develop secure systems as a developer.

Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

Many of the topics in the following sections have a level indicator. This indicator represents the level of maturity and expertise that a security team should have to deploy an effective security control. It doesn’t necessarily represent the inherent value of the control in relation to an organization. However, this indicator will assist us in identifying and prioritizing the most appropriate security solutions and controls. The following is a basic guide to assigning these levels:


- Level 1 items are the best place to start for organizations just starting to implement an information security program.

- For organizations that have already established an InfoSec program, level 2 or 3 objectives may be more appropriate.

These levels are included in sections one and two of this course.

## Importance of maturity levels

These maturity levels aren’t meant to indicate their importance or effectiveness. They’re intended as suggestions for a phased and iterative approach to building and constantly improving an information security program. The intent is to help us focus on implementing best practices first, providing a solid foundation to build from.

## Maturity level 1

This represents a security best practice, which is core to the foundation of any IT security program. It’s intended for a newly created security team or an individual recently tasked with improving the IT security of an organization. This could be mean starting with a blank slate or having some basic security controls already implemented.















# Overview

Many of the topics in the following sections have a level indicator. This indicator represents the level of maturity and expertise that a security team should have to deploy an effective security control. It doesn’t necessarily represent the inherent value of the control in relation to an organization. However, this indicator will assist us in identifying and prioritizing the most appropriate security solutions and controls. The following is a basic guide to assigning these levels:


- Level 1 items are the best place to start for organizations just starting to implement an information security program.

- For organizations that have already established an InfoSec program, level 2 or 3 objectives may be more appropriate.

These levels are included in sections one and two of this course.

# Importance of maturity levels

These maturity levels aren’t meant to indicate their importance or effectiveness. They’re intended as suggestions for a phased and iterative approach to building and constantly improving an information security program. The intent is to help us focus on implementing best practices first, providing a solid foundation to build from.

# Maturity level 1

This represents a security best practice, which is core to the foundation of any IT security program. It’s intended for a newly created security team or an individual recently tasked with improving the IT security of an organization. This could be mean starting with a blank slate or having some basic security controls already implemented.















Learn about the levels of maturity an organization needs to possess to effectively deploy appropriate security measures.


The Maturity Levels of Security

Learn about the levels of maturity an organization needs to possess to effectively deploy appropriate security measures.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

The Maturity Levels of Security

Overview