VOOZH about

URL: https://www.coursera.org/learn/secure-software-development-lifecycle-ssdlc

⇱ Secure Software Development Lifecycle (SSDLC) | Coursera

Secure Software Development Lifecycle (SSDLC)

Secure Software Development Lifecycle (SSDLC)

Included with

β€’

Learn more

Ask Coursera

Gain insight into a topic and learn the fundamentals.
Beginner level

Recommended experience

6 hours to complete
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Beginner level

Recommended experience

6 hours to complete
Flexible schedule
Learn at your own pace

What you'll learn

  • Apply the phases of the Secure Software Development Lifecycle to projects

  • Analyze design-stage security risks using STRIDE threat modeling

  • Implement defenses against common vulnerabilities like SQL injection and cross-site scripting

  • Evaluate and harden applications using SAST, DAST, TLS, and secure deployment

Details to know

Shareable certificate

Add to your LinkedIn profile

Recently updated!

June 2026

Assessments

11 assignments

Taught in English

There are 4 modules in this course

Most security breaches trace back to decisions made long before a product ever shipped. Security cannot be bolted on at the end. It has to be designed, written, tested, and deployed into the software from the very first line.

This course walks through the Secure Software Development Lifecycle (SSDLC). You will follow along with guided, hands-on demonstrations: modeling threats with STRIDE, writing code that resists common attacks, scanning dependencies and source code for vulnerabilities, and hardening applications for secure deployment. Starting from secure coding foundations and early threat modeling, you will move through the vulnerabilities developers meet most often and finish with the testing and deployment practices that keep applications secure in production. By the end of this course, you will be able to: 1. Explain the principles and phases of the Secure Software Development Lifecycle 2. Apply STRIDE threat modeling to identify security risks during application design 3. Analyze software for common vulnerabilities such as SQL injection and cross-site scripting 4. Implement secure authentication, session management, and secrets handling against the OWASP risk model 6. Differentiate static and dynamic testing approaches (SAST and DAST) and select the right one for each scenario 7. Evaluate dependencies, configurations, and deployment environments for security weaknesses 8. Design a secure deployment and hardening strategy using HTTPS, TLS, and container hardening This course is designed for software developers, application engineers, DevOps practitioners, QA engineers, and technical leads who want to write and ship secure software. It suits anyone responsible for application security who prefers a hands-on, vendor-neutral path over certification-exam cramming. To get the most from this course, you should have basic programming experience and familiarity with the software development process. No prior security tooling or certification background is required. Enroll now to start building security into every stage of development and ship software that stays secure from the first line to release.

Explore the principles of Secure Software Development Lifecycle (SSDLC) and understand how security integrates into every stage of application development. This module introduces secure coding foundations, software security failures, threat modeling with STRIDE, and risk identification techniques that help organizations design security-first development processes.

What's included

7 videos4 readings3 assignments

7 videosβ€’Total 35 minutes
  • Course Introductionβ€’5 minutes
  • Defining Secure Coding and Software Security Failuresβ€’5 minutes
  • Demonstration: Using an AI-Powered Secure Coding Analysis Toolβ€’5 minutes
  • Demonstration: Ethical Vulnerability Screening Using Sola Securityβ€’6 minutes
  • Comparing Traditional SDLC and Secure SDLCβ€’6 minutes
  • Demonstration: Performing Threat Modeling with STRIDEβ€’4 minutes
  • Demonstration: Identifying Security Risks in SDLCβ€’3 minutes
4 readingsβ€’Total 40 minutes
  • Course Overviewβ€’10 minutes
  • Foundations of Secure Software Development and Security-First Designβ€’10 minutes
  • Threat Modeling Fundamentalsβ€’10 minutes
  • Module Summary: Foundations of Secure Software Developmentβ€’10 minutes
3 assignmentsβ€’Total 27 minutes
  • Knowledge Check: SDLC Foundations and Threat Modeling Assessmentβ€’15 minutes
  • Knowledge Check: SSDLC and Security Basicsβ€’6 minutes
  • Knowledge Check: Threat Modeling, STRIDE, and Secure SDLC Practicesβ€’6 minutes

Learn how to build resilient applications by applying secure coding practices and protecting critical application components. This module focuses on preventing common vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS), implementing secure authentication and authorization mechanisms, managing secrets securely, and understanding OWASP security risks in modern applications.

What's included

6 videos3 readings3 assignments

6 videosβ€’Total 27 minutes
  • Validating Input and Preventing Injection Vulnerabilitiesβ€’5 minutes
  • Demonstration: Preventing SQL Injection Attacksβ€’4 minutes
  • Demonstration: Preventing Cross-Site Scripting (XSS)β€’5 minutes
  • Implementing Secure Authentication and Authorization Controlsβ€’5 minutes
  • Demonstration: Implementing Secure Password Hashingβ€’6 minutes
  • Demonstration: Managing Secrets with Environment Variablesβ€’3 minutes
3 readingsβ€’Total 30 minutes
  • Secure Coding and OWASP Security Risksβ€’10 minutes
  • Authentication and Access Controlβ€’10 minutes
  • Module Summary: Secure Coding and Application Securityβ€’10 minutes
3 assignmentsβ€’Total 27 minutes
  • Knowledge Check: Secure Coding and Authentication Security Assessmentβ€’15 minutes
  • Knowledge Check: SQL Injection, XSS, and Input Security Fundamentalsβ€’6 minutes
  • Knowledge Check: Authentication, MFA, Sessions, and Secrets Securityβ€’6 minutes

Discover how security validation, vulnerability assessment, and deployment hardening strengthen modern software systems. This module covers dependency security, secure code reviews, SAST and DAST testing methodologies, HTTPS and TLS configuration, vulnerability remediation workflows, and infrastructure hardening practices required for secure application deployment and operations.

What's included

9 videos4 readings4 assignments

9 videosβ€’Total 39 minutes
  • Dependency Security and Secure Code Reviewsβ€’5 minutes
  • Secure Code Reviews and Validation Processβ€’4 minutes
  • Demonstration: Scanning Vulnerable Dependenciesβ€’4 minutes
  • Examining Static Application Security Testing (SAST)β€’5 minutes
  • Demonstration: Running Static Security Scansβ€’4 minutes
  • Analyzing Dynamic Application Security Testing (DAST)β€’5 minutes
  • Secure Deployment and System Hardeningβ€’4 minutes
  • Demonstration: Configuring HTTPS and TLS Securityβ€’4 minutes
  • Container Security and Hardening Techniquesβ€’4 minutes
4 readingsβ€’Total 40 minutes
  • Dependency and Supply Chain Securityβ€’10 minutes
  • Vulnerability Management and Risk Remediationβ€’10 minutes
  • Infrastructure Security, Configuration Management, and Operational Hardeningβ€’10 minutes
  • Module Summary: Security Testing and Secure Deploymentβ€’10 minutes
4 assignmentsβ€’Total 33 minutes
  • Knowledge Check: Application Security Testing and Deployment Security Assessmentβ€’15 minutes
  • Knowledge Check: Dependency Vulnerabilities and Secure Review Techniquesβ€’6 minutes
  • Knowledge Check: SAST, DAST, and Security Testing Conceptsβ€’6 minutes
  • Knowledge Check: HTTPS, TLS, Hardening, and Deployment Securityβ€’6 minutes

Accelerate your path to DP-700 certification with a comprehensive Microsoft Fabric course covering data engineering, modern warehousing, real-time intelligence, data factory, power bi, and AI-powered analytics. Build the expertise to design secure, scalable, and high-performance enterprise solutions.

What's included

1 video1 reading1 assignment

1 videoβ€’Total 4 minutes
  • Course Summaryβ€’4 minutes
1 readingβ€’Total 30 minutes
  • Practice Project: Building a Secure Software Development Lifecycle (SSDLC) Implementationβ€’30 minutes
1 assignmentβ€’Total 30 minutes
  • End Course Knowledge Check: Secure Software Development Lifecycleβ€’30 minutes

Instructor

Edureka
203 Coursesβ€’185,724 learners

Why people choose Coursera for their career

πŸ‘ Image

Felipe M.

Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
πŸ‘ Image

Jennifer J.

Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
πŸ‘ Image

Larry W.

Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
πŸ‘ Image

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Frequently asked questions

The SSDLC is an approach that embeds security into every phase of software development β€” design, coding, testing, and deployment β€” rather than treating it as a final review step. This course teaches the SSDLC end to end with hands-on demonstrations.

You need basic programming experience and familiarity with the software development process. No prior security tooling or certification background is required.

You will work with STRIDE threat modeling, AI-powered secure coding analysis, SQL injection and XSS prevention techniques, secure authentication and secrets management, SAST and DAST scanning, and HTTPS/TLS and container hardening.

Static application security testing (SAST) analyzes source code without running it to find vulnerabilities early, while dynamic application security testing (DAST) tests a running application from the outside. The course covers both and when to use each.

Yes. You earn a course certificate after completing all graded assessments, which you can add to your LinkedIn profile.

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Financial aid available,