Starweaver
Advanced Practices in Application Security
Starweaver

Advanced Practices in Application Security

Derek Fisher
Starweaver

Instructors: Derek Fisher

Included with Coursera Plus

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

8 hours to complete
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

8 hours to complete
Flexible schedule
Learn at your own pace

What you'll learn

  • Apply secure coding practices and OWASP top 10 prevention techniques to eliminate vulnerabilities during development phases.

  • Analyze application architectures to identify critical security threats and design comprehensive threat models for risk mitigation.

  • Evaluate software supply chains and implement security controls for open-source components, dependencies, and vendor relationships.

  • Design secure cloud-native and container architectures with automated monitoring and compliance validation capabilities.

Details to know

Shareable certificate

Add to your LinkedIn profile

Recently updated!

October 2025

Assessments

4 assignments¹

AI Graded see disclaimer
Taught in English

See how employees at top companies are mastering in-demand skills

 logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 6 modules in this course

In this course, you’ll learn how to implement advanced application security practices by embedding security throughout the software development lifecycle (SDLC). You’ll focus on real-world techniques such as secure coding, vulnerability assessment, and DevSecOps integration to anticipate and prevent cyber threats. Through expert instruction, case studies, and hands-on exercises, you’ll gain the skills to apply security controls, integrate automated security testing into pipelines, and align practices with industry standards. By the end of this course, you’ll be equipped to strengthen organizational resilience, reduce risk exposure, and lead proactive application security initiatives that protect software across cloud, mobile, IoT, and enterprise environments.

What's included

1 video1 reading1 plugin

In this module, you’ll learn how to embed security directly into your applications and development processes. You’ll explore Secure by Design principles, secure coding techniques, and secure configuration practices to prevent critical vulnerabilities. Through practical demonstrations, static and dynamic application security testing, and runtime protection strategies, you’ll develop the skills to identify, mitigate, and manage vulnerabilities throughout the software development lifecycle. This module emphasizes proactive security practices aligned with industry standards such as OWASP Top 10 and SANS Top 25 to ensure robust, production-ready applications.

What's included

10 videos1 reading1 assignment1 peer review2 discussion prompts

In this module, you’ll learn how to systematically identify and analyze security threats before they become costly vulnerabilities. You’ll explore industry-standard methodologies, including STRIDE, and gain hands-on experience with threat modeling tools like OWASP Threat Dragon, attack trees, and Rapid Threat Modeling Prototyping (RTMP). By applying these techniques to real-world scenarios, you’ll develop the skills to anticipate attack vectors, prioritize risks using OWASP and CVSS frameworks, and translate findings into actionable security controls that strengthen application defenses from design through deployment.

What's included

10 videos1 reading1 assignment1 peer review1 discussion prompt

In this module, you’ll learn how to secure the software supply chain and CI/CD pipelines critical to modern development. You’ll explore techniques for evaluating and securing open-source components, third-party dependencies, and vendor relationships while integrating automated security testing throughout development pipelines. Hands-on exercises with Software Bill of Materials (SBOM) creation, dependency management, and monitoring tools equip you to prevent supply chain attacks, ensure compliance with industry standards, and maintain secure DevOps workflows without slowing delivery.

What's included

10 videos1 reading1 assignment1 peer review2 discussion prompts

In this module, you’ll learn how to secure cloud-native applications, containers, and serverless environments while implementing continuous monitoring and governance. You’ll explore cloud security architectures using CSA Cloud Controls Matrix standards, container and runtime security practices, and Infrastructure-as-Code (IaC) automation for secure deployments. Hands-on exercises with monitoring tools, Kubernetes RBAC, and secrets management help you protect dynamic cloud workloads, detect threats in real time, and maintain compliance across hybrid and multi-cloud environments.

What's included

10 videos1 reading1 assignment1 peer review2 discussion prompts

In this final module, you will synthesize your learning across secure coding, threat modeling, supply chain protection, and cloud-native security practices. You’ll bring these core concepts together in a hands-on capstone project where you will perform a complete threat modeling exercise using OWASP Threat Dragon. This project demonstrates your ability to identify risks, design effective mitigations, and integrate security into the software development lifecycle. By the end, you will be prepared to showcase your expertise in applying industry-standard frameworks and tools to build secure, resilient applications that align with both technical requirements and organizational goals.

What's included

1 video1 peer review

Instructors

Derek Fisher
Starweaver
0 Courses0 learners
Starweaver
Starweaver
439 Courses811,081 learners

Offered by

Starweaver

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."
Coursera Plus

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Frequently asked questions

¹ Some assignments in this course are AI-graded. For these assignments, your data will be used in accordance with Coursera's Privacy Notice.