Secure Applications: Managing the Deployment Infrastructure

Harvard Extension School

CSCI E-117

Section 1

CRN 26436

Begin Registration
You have spent time designing, developing, and testing your web-facing, internet accessible, or internet of things (IoT) product and have released it into a world of ever-changing and constantly more aggressive cyber threats. How do you know if you can handle a data breach or a cybersecurity compromise? How do you continue to protect the data your application processes and keep your application available and secure, and how do you prove this to your customers? Thanks to the President's Executive Order (EO) 14028 on Improving the Nation's Cybersecurity, the US Securities and Exchange Commission cybersecurity actions, and the latest technology advances (such as generative artificial intelligence [AI]), this is getting harder and more time consuming. In this course, we work through the steps to secure your product and its operating environment, including prioritizing how we protect the asset classes that make up your environment beyond just the software application itself (so, the networks, devices, applications, data, and users that support your product) and how to detect and respond to attacks against the overall ecosystem and individual assets. Course content includes threats, exploits, and compromises drawn from the news (sadly there are always pertinent things in the cybersecurity news that we can use as the basis of discussion), as well as the Cybersecurity and Infrastructure Security Agency (CISA's) Zero Trust Maturity Model, CISA's Known Exploitable Vulnerability (KEV) lists, risk management concepts, and whatever is topical at the time in the news.

Instructor Info

Heather Hinton, PhD

Chief Information Security Officer in Residence, Professional Association of CISOs


Meeting Info

T 5:10pm - 7:10pm (1/27 - 5/17)

Participation Option: Online Asynchronous or Online Synchronous

In online asynchronous courses, you are not required to attend class at a particular time. Instead you can complete the course work on your own schedule each week.

Deadlines

Last day to register: January 23, 2025

Prerequisites

CSCI E-149a or experience with security software development principles. A basic understanding of security threats, tools, and landscape.

Notes

This course meets via web conference. Students may attend at the scheduled meeting time or watch recorded sessions asynchronously. Recorded sessions are typically available within a few hours of the end of class and no later than the following business day.

Syllabus

All Sections of this Course

CRN Section # Participation Option(s) Instructor Section Status Meets Term Dates
26436 1 Online Asynchronous, Online Synchronous Heather Hinton Open T 5:10pm - 7:10pm
Jan 27 to May 17