About this Course
36,202 recent views

Course 2 of 5 in the

100% online

Start instantly and learn at your own schedule.

Flexible deadlines

Reset deadlines in accordance to your schedule.

Approx. 22 hours to complete

Suggested: 6 weeks of study, 3-5 hours/week...


Subtitles: English, Korean

Skills you will gain

Fuzz TestingBuffer OverflowSql InjectionPenetration Test

Course 2 of 5 in the

100% online

Start instantly and learn at your own schedule.

Flexible deadlines

Reset deadlines in accordance to your schedule.

Approx. 22 hours to complete

Suggested: 6 weeks of study, 3-5 hours/week...


Subtitles: English, Korean

Syllabus - What you will learn from this course

2 hours to complete


Overview and expectations of the course

3 videos (Total 26 min), 4 readings, 1 quiz
3 videos
What is software security?7m
Tour of the course and expected background11m
4 readings
Introductory Reading10m
FAQ and Errata10m
1 practice exercise
Qualifying Quiz30m
2 hours to complete


Low-level security: Attacks and exploits

6 videos (Total 50 min), 2 readings, 2 quizzes
6 videos
Memory Layout11m
Buffer Overflow6m
Code Injection6m
Other Memory Exploits11m
Format String Vulnerabilities6m
2 readings
Week 1 Reading10m
Project 110m
2 practice exercises
Week 1 quiz30m
VM BOF quiz24m
2 hours to complete


Defending against low-level exploits

7 videos (Total 79 min), 1 reading, 1 quiz
7 videos
Memory Safety16m
Type Safety4m
Avoiding Exploitation9m
Return Oriented Programming - ROP11m
Control Flow Integrity14m
Secure Coding18m
1 reading
Week 2 Reading10m
1 practice exercise
Week 2 quiz30m
3 hours to complete


Web security: Attacks and defenses

10 videos (Total 101 min), 2 readings, 2 quizzes
10 videos
Web Basics10m
SQL Injection10m
SQL Injection Countermeasures9m
Web-based State Using Hidden Fields and Cookies13m
Session Hijacking6m
Cross-site Request Forgery - CSRF6m
Web 2.05m
Cross-site Scripting13m
Interview with Kevin Haley21m
2 readings
Week 3 Reading10m
Project 210m
2 practice exercises
BadStore quiz18m
Week 3 quiz32m
3 hours to complete


Designing and Building Secure Software

10 videos (Total 130 min), 1 reading, 1 quiz
10 videos
Threat Modeling, or Architectural Risk Analysis9m
Security Requirements13m
Avoiding Flaws with Principles8m
Design Category: Favor Simplicity10m
Design Category: Trust With Reluctance12m
Design Category: Defense in Depth, Monitoring/Traceability5m
Top Design Flaws9m
Case Study: Very Secure FTP daemon12m
Interview with Gary McGraw40m
1 reading
Week 4 Reading10m
1 practice exercise
Week 4 quiz32m
3 hours to complete


Static Program Analysis

13 videos (Total 142 min), 2 readings, 2 quizzes
13 videos
Static Analysis: Introduction part 28m
Flow Analysis8m
Flow Analysis: Adding Sensitivity8m
Context Sensitive Analysis8m
Flow Analysis: Scaling it up to a Complete Language and Problem Set11m
Challenges and Variations8m
Introducing Symbolic Execution10m
Symbolic Execution: A Little History3m
Basic Symbolic Execution14m
Symbolic Execution as Search, and the Rise of Solvers12m
Symbolic Execution Systems8m
Interview with Andy Chou32m
2 readings
Week 5 Reading10m
Project 310m
2 practice exercises
Project 3 quiz16m
Week 5 quiz28m
2 hours to complete


Penetration and Fuzz Testing

5 videos (Total 107 min), 1 reading, 1 quiz
5 videos
Pen Testing14m
Interview with Eric Eames31m
Interview with Patrice Godefroid35m
1 reading
Week 6 Reading10m
1 practice exercise
Week 6 quiz24m
182 ReviewsChevron Right


started a new career after completing these courses


got a tangible career benefit from this course


got a pay increase or promotion

Top reviews from Software Security

By GBMay 27th 2019

Was prepared and presented in a very special and superb way. I am glad I took and completed it. Thanks to my tutor Michael Hicks and special appreciation to coursera for making this possible for me.

By PRNov 20th 2016

Content is really valuable and actionable with a specific comeback for the student in terms of secure development, security and how to understand the origin of exploits and other cyber attacks



Michael Hicks

Department of Computer Science

About University of Maryland, College Park

The University of Maryland is the state's flagship university and one of the nation's preeminent public research universities. A global leader in research, entrepreneurship and innovation, the university is home to more than 37,000 students, 9,000 faculty and staff, and 250 academic programs. Its faculty includes three Nobel laureates, three Pulitzer Prize winners, 47 members of the national academies and scores of Fulbright scholars. The institution has a $1.8 billion operating budget, secures $500 million annually in external research funding and recently completed a $1 billion fundraising campaign. ...

About the Cybersecurity Specialization

The Cybersecurity Specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. These concepts are illustrated with examples drawn from modern practice, and augmented with hands-on exercises involving relevant tools and techniques. Successful participants will develop a way of thinking that is security-oriented, better understanding how to think about adversaries and how to build systems that defend against them....

Frequently Asked Questions

  • Once you enroll for a Certificate, you’ll have access to all videos, quizzes, and programming assignments (if applicable). Peer review assignments can only be submitted and reviewed once your session has begun. If you choose to explore the course without purchasing, you may not be able to access certain assignments.

  • When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.

More questions? Visit the Learner Help Center.