hngopher.com

       [HN Gopher] Security Engineering Course
       ___________________________________________________________________
        
       Security Engineering Course
        
       Author : etiam
       Score  : 96 points
       Date   : 2022-01-19 15:43 UTC (7 hours ago)
        
 (HTM) web link (www.lightbluetouchpaper.org)
 (TXT) w3m dump (www.lightbluetouchpaper.org)
        
       | dwheeler wrote:
       | If you're interested in learning how to develop secure software,
       | I recommend checking out the free set of 3 courses from the Open
       | Source Security Foundation (OpenSSF) on "Secure Software
       | Development Fundamentals": https://openssf.org/training/courses/
       | 
       | They're hosted on edX. Like many edX courses, if you want to
       | prove you learned the material you can pay to try to pass various
       | tests and get a certificate, but you do _not_ need to pay if you
       | just want to learn the material.
       | 
       | Full disclosure: I'm the author. But hopefully you'll like it
       | anyway :-).
        
         | CodeGlitch wrote:
         | Interesting...not heard of the openssf (I see they were only
         | formed in 2020?).
         | 
         | Regarding secure software development, I've not seen many certs
         | / exams covering the topic, so it's good you've developed those
         | 3 courses. The only other cert I've seen is the CSSLP by
         | (ISC)2:
         | 
         | https://www.isc2.org/Certifications/CSSLP
         | 
         | Can you comment on how they compare?
        
       | iammjm wrote:
       | Is this book still relevant considering that it has been written
       | in 2001 and updated in 2008?
        
         | Saanti wrote:
         | 3rd edition is 2020
        
           | BayesianDice wrote:
           | Thanks, I'd found the first edition a really good book when I
           | was early in my security career many years ago, I shall have
           | to check the 2020 edition!
        
         | philprx wrote:
         | Yes it is, very good book because it goes from the fundamentals
         | to elaborate examples.
         | 
         | Now if you really want to be in research and current
         | attack/defense then you need to do your homework.
         | 
         | But all the foundations in this book will help you have a
         | comprehensive picture of the landscape you're playing in.
        
       | badrabbit wrote:
       | This is one of those things. I do security engineering but it has
       | little to do with building systems or software. In this case what
       | they mean is "engineering securely" but a security engineer in a
       | security team will be engineering various security tools and
       | content (endpoint security tools/content, threat intel
       | platforms,SIEM,etc...) so literally engineering security
       | controls. Not that I mind but the ambiguity might cause
       | confusion.
        
       ___________________________________________________________________
       (page generated 2022-01-19 23:00 UTC)