The aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:• Common Web vulnerabilities (e.g. XSS, CSRF, SQL Injection) and the corresponding countermeasures.• Log management & intrusion detection mechanisms.• Securing data at rest and in transit.• Authentication and session management.• JSON Web Tokens.• Race condition and safe-IO.• Secure SDLC and security testing.