By Tsugikazu Shibata, Linux Foundation and David A. Wheeler, Linux Foundation
The Linux Foundation Training & Certification team, in partnership with the Open Source Software Foundation (OpenSSF), are pleased to announce the launch of one of our post popular training courses translated into Japanese! Developing Secure Software (LFD121) is now available as セキュア ソフトウェア開発 (LFD121-JP).
Modern software is under constant attack by cybercriminals, but many software developers have never been taught how to effectively counter those attacks, both before they happen and after. This course works to solve that problem, by explaining the fundamentals of developing secure software. This course includes specific tips on how to use open source and other software securely, since that is a key part of modern software development.
The original course was developed by the OpenSSF, a cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community, targeted initiatives, and best practices.
セキュア ソフトウェア開発 (LFD121-JP) is geared towards Japanese-speaking software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software. The curriculum focuses on practical steps that can be taken (even with limited resources) to improve information security.
The course starts by discussing the basics of cybersecurity and how to consider security as part of the requirements of a system. This first part of the course then focuses on how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. The second part of the course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It provides practical steps that developers can take to counter the most common kinds of attacks. Finally, the third part of the course discusses how to verify software for security.
セキュア ソフトウェア開発 (LFD121-JP) will enable software developers to create and maintain systems that are much harder to successfully attack, reduce the damage when attacks are successful, and speed the response so that any latent vulnerabilities can be rapidly repaired.