Go Security Programming

Learn how to develop secure applications in Go. The Go Security Programming class provides both the contextual and technical details necessary to design and code secure applications and systems. The CIA Triad is an essential concept in cybersecurity and describes the pillars of any secure application: confidentiality, integrity, and availability. In this class, you will learn how to implement the CIA Triad. Because of the internet, applications are becoming more interconnected across corporate and personal boundaries. This creates a massive opportunity for exploitation and breaches of security. You will learn techniques from securing network communication, such as cryptography and token authentication. The course presents secure coding techniques, such as randomization with entropy, not accepting raw input, canonization, and more. During class, you will review common vulnerabilities, attacks, and mitigation. Injection attacks, buffer overflow, cross-site scripting, DLL preloading attack, and other attacks, are presented to provide students practical security experience. Cryptography is a consistent topic throughout the class: hashing to assure integrity and encryption to provide secrecy. Various crypto algorithms are introduced, such as SHA-2 and AES, and scenario where they are applied. The final module is about token authentication. Token authentication is effective for network security in a stateless environment. Go has JSON web tokens (JWT) for token authentication. You will develop a web service using JWT in a walkthrough.