12. Module ContentThe aim of this module is to teach the theory and practice of secure software development in the context of managed languages (e.g. Java and C#) and in web-based solutions (e.g. JavaScript and online data sources). As such, the module will cover both managed software development and web-based software development, and how we can integrate security throughout the Software Development Lifecycle (SDLC). An indicative list of the topics includes:Secure software – The SDLC and security, security architectures, legacy systemsWeb Technologies – including overview, Server configuration, HTTP, Web services, Authentication mechanisms, Session managementSoftware vulnerabilities – including OWASP Top 10, common coding errorsWeb application security – including XXS, CSRF, Authentication bypass, XXEDatabase Security – SQLiServer-side and Client-side Security – including preventing client and server attacksData validation – including input validation, encoding, parameterised queriesEncryption - including certificates, and Architectures such as JCASecurity Testing Source Code Review – including Code Analysis Tools