CS864 Applications Security

This course covers building security into software products including data bases during the software design and programming. Vulnerabilities related to poor programming techniques and data structure design are examined. These deficiencies can occur in custom code, web scripting languages and database structures. Information in memory and storage are both susceptible to attacks both internally and externally. Life cycle security development models are presented in addition to verification and validation strategies. The role of the security professional in the creation and management of software security policy is examined.