As cyber threats grow in sophistication, organizations can no longer treat application security as an afterthought. This course equips software developers, cybersecurity professionals, and DevSecOps teams to embed security throughout the software development lifecycle (SDLC). You’ll master practical, up-to-date techniques aligned with industry frameworks from NIST, OWASP, CISA, and CSA.



Recommended experience
What you'll learn
Apply secure coding practices and OWASP top 10 prevention techniques to eliminate vulnerabilities during development phases.
Analyze application architectures to identify critical security threats and design comprehensive threat models for risk mitigation.
Evaluate software supply chains and implement security controls for open-source components, dependencies, and vendor relationships.
Design secure cloud-native and container architectures with automated monitoring and compliance validation capabilities.
Skills you'll gain
- Open Web Application Security Project (OWASP)
- Application Development
- CI/CD
- Software Development
- Continuous Monitoring
- Cybersecurity
- Containerization
- Supply Chain
- DevSecOps
- Security Controls
- Infrastructure as Code (IaC)
- Secure Coding
- Cloud Security
- Application Security
- Dependency Analysis
- Threat Modeling
- Security Testing
- Cloud Standards
Details to know

Add to your LinkedIn profile
October 2025
See how employees at top companies are mastering in-demand skills

There are 6 modules in this course
In this course, you’ll learn how to implement advanced application security practices by embedding security throughout the software development lifecycle (SDLC). You’ll focus on real-world techniques such as secure coding, vulnerability assessment, and DevSecOps integration to anticipate and prevent cyber threats. Through expert instruction, case studies, and hands-on exercises, you’ll gain the skills to apply security controls, integrate automated security testing into pipelines, and align practices with industry standards. By the end of this course, you’ll be equipped to strengthen organizational resilience, reduce risk exposure, and lead proactive application security initiatives that protect software across cloud, mobile, IoT, and enterprise environments.
What's included
1 video1 reading1 plugin
In this module, you’ll learn how to embed security directly into your applications and development processes. You’ll explore Secure by Design principles, secure coding techniques, and secure configuration practices to prevent critical vulnerabilities. Through practical demonstrations, static and dynamic application security testing, and runtime protection strategies, you’ll develop the skills to identify, mitigate, and manage vulnerabilities throughout the software development lifecycle. This module emphasizes proactive security practices aligned with industry standards such as OWASP Top 10 and SANS Top 25 to ensure robust, production-ready applications.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this module, you’ll learn how to systematically identify and analyze security threats before they become costly vulnerabilities. You’ll explore industry-standard methodologies, including STRIDE, and gain hands-on experience with threat modeling tools like OWASP Threat Dragon, attack trees, and Rapid Threat Modeling Prototyping (RTMP). By applying these techniques to real-world scenarios, you’ll develop the skills to anticipate attack vectors, prioritize risks using OWASP and CVSS frameworks, and translate findings into actionable security controls that strengthen application defenses from design through deployment.
What's included
10 videos1 reading1 assignment1 peer review1 discussion prompt
In this module, you’ll learn how to secure the software supply chain and CI/CD pipelines critical to modern development. You’ll explore techniques for evaluating and securing open-source components, third-party dependencies, and vendor relationships while integrating automated security testing throughout development pipelines. Hands-on exercises with Software Bill of Materials (SBOM) creation, dependency management, and monitoring tools equip you to prevent supply chain attacks, ensure compliance with industry standards, and maintain secure DevOps workflows without slowing delivery.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this module, you’ll learn how to secure cloud-native applications, containers, and serverless environments while implementing continuous monitoring and governance. You’ll explore cloud security architectures using CSA Cloud Controls Matrix standards, container and runtime security practices, and Infrastructure-as-Code (IaC) automation for secure deployments. Hands-on exercises with monitoring tools, Kubernetes RBAC, and secrets management help you protect dynamic cloud workloads, detect threats in real time, and maintain compliance across hybrid and multi-cloud environments.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this final module, you will synthesize your learning across secure coding, threat modeling, supply chain protection, and cloud-native security practices. You’ll bring these core concepts together in a hands-on capstone project where you will perform a complete threat modeling exercise using OWASP Threat Dragon. This project demonstrates your ability to identify risks, design effective mitigations, and integrate security into the software development lifecycle. By the end, you will be prepared to showcase your expertise in applying industry-standard frameworks and tools to build secure, resilient applications that align with both technical requirements and organizational goals.
What's included
1 video1 peer review
Offered by
Why people choose Coursera for their career





Open new doors with Coursera Plus
Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Advance your career with an online degree
Earn a degree from world-class universities - 100% online
Join over 3,400 global companies that choose Coursera for Business
Upskill your employees to excel in the digital economy
Frequently asked questions
To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.
Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.
More questions
Financial aid available,
¹ Some assignments in this course are AI-graded. For these assignments, your data will be used in accordance with Coursera's Privacy Notice.