CSOL 560- Secure Software Design and Development was one of the most exciting classes throughout the CSOL program. During this course, I researched the foundation and core principles of software system design and some of the most prominent cyber-attacks on software systems.
Valuable Resources
Axelrod, C. (2012). Engineering Safe and Secure Software Systems (1st ed.). Artech House.
Bennetts, S. (2013). Blackhat.com. Retrieved from https://www.blackhat.com/docs/us-
14/materials/arsenal/us-14-Bennetts-OWASP-Zap.pdf.
Breachlock. (2021). 3 Opensource Tools for DAST - BreachLock. BreachLock. Retrieved from https://www.breachlock.com/3-opensource-tools-for-dast/.
GitHub. (2021). Maintainer spotlight: How to secure your project with one of the world’s top open
source tools | The GitHub Blog. The GitHub Blog. Retrieved from https://github.blog/2020-07-30-maintainer-spotlight-how-to-secure-your-project-with-one-of-the-worlds-top-open-source-tools/.
GitHub. (2021). Releases · WebGoat/WebGoat. GitHub. Retrieved from
https://github.com/WebGoat/WebGoat/releases.
OWASP. (2021). Static Code Analysis Control | OWASP Foundation. Owasp.org. Retrieved from https://owasp.org/www-community/controls/Static_Code_Analysis.
OWASP. (2021). Vulnerability Scanning Tools | OWASP. Owasp.org. Retrieved from
https://owasp.org/www-community/Vulnerability_Scanning_Tools.
Thehackerish. (2021). OWASP Webgoat download and installation - OWASP Top 10 training –
thehackerish. thehackerish. Retrieved from https://thehackerish.com/owasp-top-10-training-how-to-install-owasp-webgoat/.
Veracode. (2020). Veracode.com. Retrieved from
https://www.veracode.com/sites/default/files/pdf/resources/whitepapers/dynamic-analysis-white-paper-veracode.pdf.
Veracode. (2021). Dynamic Analysis Security Testing (DAST) | Veracode. Veracode. Retrieved from https://www.veracode.com/security/dast-test.
We45. (2021). 7 Features that make ZAP Great for Application Security Testing | we45. we45. Retrieved
from https://we45.com/blog/7-features-that-make-zap-great-for-application-security-testing/.
ZAP. (2021). OWASP ZAP – Getting Started. Zaproxy.org. Retrieved from
https://www.zaproxy.org/getting-started/.
ZAP. (2021). The ZAP Homepage. Zaproxy.org. Retrieved from
https://www.zaproxy.org/.
Valuable Resources
Axelrod, C. (2012). Engineering Safe and Secure Software Systems (1st ed.). Artech House.
Bennetts, S. (2013). Blackhat.com. Retrieved from https://www.blackhat.com/docs/us-
14/materials/arsenal/us-14-Bennetts-OWASP-Zap.pdf.
Breachlock. (2021). 3 Opensource Tools for DAST - BreachLock. BreachLock. Retrieved from https://www.breachlock.com/3-opensource-tools-for-dast/.
GitHub. (2021). Maintainer spotlight: How to secure your project with one of the world’s top open
source tools | The GitHub Blog. The GitHub Blog. Retrieved from https://github.blog/2020-07-30-maintainer-spotlight-how-to-secure-your-project-with-one-of-the-worlds-top-open-source-tools/.
GitHub. (2021). Releases · WebGoat/WebGoat. GitHub. Retrieved from
https://github.com/WebGoat/WebGoat/releases.
OWASP. (2021). Static Code Analysis Control | OWASP Foundation. Owasp.org. Retrieved from https://owasp.org/www-community/controls/Static_Code_Analysis.
OWASP. (2021). Vulnerability Scanning Tools | OWASP. Owasp.org. Retrieved from
https://owasp.org/www-community/Vulnerability_Scanning_Tools.
Thehackerish. (2021). OWASP Webgoat download and installation - OWASP Top 10 training –
thehackerish. thehackerish. Retrieved from https://thehackerish.com/owasp-top-10-training-how-to-install-owasp-webgoat/.
Veracode. (2020). Veracode.com. Retrieved from
https://www.veracode.com/sites/default/files/pdf/resources/whitepapers/dynamic-analysis-white-paper-veracode.pdf.
Veracode. (2021). Dynamic Analysis Security Testing (DAST) | Veracode. Veracode. Retrieved from https://www.veracode.com/security/dast-test.
We45. (2021). 7 Features that make ZAP Great for Application Security Testing | we45. we45. Retrieved
from https://we45.com/blog/7-features-that-make-zap-great-for-application-security-testing/.
ZAP. (2021). OWASP ZAP – Getting Started. Zaproxy.org. Retrieved from
https://www.zaproxy.org/getting-started/.
ZAP. (2021). The ZAP Homepage. Zaproxy.org. Retrieved from
https://www.zaproxy.org/.