You are here

Software Security Foundations

Wednesday, March 25, 2015
Fee and Application.
This course is offered through the Stanford School of Professional Education as part of the Stanford Advanced Computer Security Certificate.

Applications may be submitted online at anytime. Sample Application


This course covers 3 specific topic areas:

Computer Security Principles covers security objectives such as authentication, authorization, access control, confidentiality, data integrity, and non-repudiation. The module also covers software design principles including the principles of least privilege, fail-safe stance, and defense-in-depth.

Introduction to Cryptography covers both symmetric encryption and public-key cryptography, discussing how they are used to achieve security goals and build PKI (Public-Key Infrastructure) systems. The module also covers DES, 3DES, AES, RC4, RSA, ECC, MD5, SHA-1, X.509, digital signatures, and all cryptographic primitives necessary to understand PKI. Diffie-Hellman key exchange and man-in-the-middle attacks will also be discussed.

Secure Programming Techniques discusses the threats that worms and hackers present to software and the programming techniques that developers can use to defend against software vulnerabilities such as buffer overflows, SQL injection, and off-line dictionary attacks. The module also covers common mistakes made in using cryptographic libraries and how they can be avoided.


Topics Include

  • Computer Security Principles
  • Introduction to Cryptography
  • Secure Programming Techniques


We recommend you have the equivalent of a BS in Computer Science and a background in security.

We highly recommend that you take this course, Software Security Foundations (XACS101) as the 1st course within the Stanford ACS certificate program. It provides the fundamentals necessary for the subsequent courses in the program.


  • $595 for Software Security Foundations
  • $75 one-time document fee