Gain insights into cyber security fundamentals, explore common threats, discover protection mechanisms like firewalls, learn monitoring and response strategies, and develop secure systems as a developer.

Modern computer systems are almost universally connected, which creates wider attack surfaces well beyond code to users, hardware, and more. Securing systems is thus a fundamental skill for modern software engineers.

This course is a comprehensive introduction to cyber security best practices. You’ll start with an overview of common threats and vulnerabilities, as well as high-level concepts like privilege, integrity, logging, and mediation. With these concepts in mind, you’ll then learn common protection mechanisms and defense strategies from endpoint protection to firewalls, gateways, and proxy servers. Next, you’ll learn monitoring and detection techniques, alerts, and event management. Finally, when you detect a threat, you’ll know how to respond with support tickets, data preservation, and change management.

By the end of this course, you’ll have a better understanding of modern cyber security practices and a clear roadmap to implementing these as a developer.

Cyber Security Best Practices for Developers

## Overview

Vulnerability scanning serves two purposes:
 
- Evaluating assets for their security hardiness. 

- Identifying all endpoints connected to the network.

## Step one: Network scan

 Performing a network scan first is  standard procedure for vulnerability scanning. This is useful for asset identification, including finding items that aren’t documented or are unknown. These could be either:


- Rogue endpoints.

- Devices that have been installed for legitimate purposes but without consent from the security team.
 

Assets discovered and determined to be legitimate should be documented in a repository like a configuration management database (see CMDB in chapter one). Rogue devices should be found and removed from the production network as soon as possible.

## Step two: Asset scan

The next step is to iterate the list of discovered assets and perform a more detailed scan of each. This is known as an asset scan, which can be very useful for finding patching opportunities. Caution should be used, however, as a scan could cause the target to fail due to excessive network activity. Some assets may need to be exempt from scanning to avoid them from crashing, though it can be said that a scan that crashes a system indicates a system that’s prone to denial of service attacks.

## Types of asset scans

There are two types of asset scans: 

- Authenticated 

- Unauthenticated 

### Authenticated scans

Authenticated scans require the scanner to log onto the device, which provides much more access for the scanner and, therefore, more scan coverage. An account that follows the principle of least privilege should be created specifically for the scanner. 

### Unauthenticated scans

Unauthenticated scans may be safer because the scanner doesn't log onto the asset, but the scan coverage can be less comprehensive.








# Overview

Vulnerability scanning serves two purposes:
 
- Evaluating assets for their security hardiness. 

- Identifying all endpoints connected to the network.

# Step one: Network scan

 Performing a network scan first is  standard procedure for vulnerability scanning. This is useful for asset identification, including finding items that aren’t documented or are unknown. These could be either:


- Rogue endpoints.

- Devices that have been installed for legitimate purposes but without consent from the security team.
 

Assets discovered and determined to be legitimate should be documented in a repository like a configuration management database (see CMDB in chapter one). Rogue devices should be found and removed from the production network as soon as possible.

# Step two: Asset scan

The next step is to iterate the list of discovered assets and perform a more detailed scan of each. This is known as an asset scan, which can be very useful for finding patching opportunities. Caution should be used, however, as a scan could cause the target to fail due to excessive network activity. Some assets may need to be exempt from scanning to avoid them from crashing, though it can be said that a scan that crashes a system indicates a system that’s prone to denial of service attacks.

# Types of asset scans

There are two types of asset scans: 

- Authenticated 

- Unauthenticated 

## Authenticated scans

Authenticated scans require the scanner to log onto the device, which provides much more access for the scanner and, therefore, more scan coverage. An account that follows the principle of least privilege should be created specifically for the scanner. 

## Unauthenticated scans

Unauthenticated scans may be safer because the scanner doesn't log onto the asset, but the scan coverage can be less comprehensive.








Learn to identify security vulnerabilities in the assets of an organization.

Introduction

Basics of Security

Detect

Protect

Respond

Conclusion

Vulnerability Scanning

Overview

Step one: Network scan