422.4 Protecting against attacks

Overview

This section focuses on common types of software attacks and how to protect systems from them. These attacks exploit specific coding mistakes, misconfigurations, or oversights in the way software handles user input, data, or system access.

While secure design and good coding practices can reduce the overall risk, developers must also understand specific categories of attacks and how to recognise and prevent them. Each topic in this section explores a particular vulnerability and provides strategies for defence.

Attacks can be simple or sophisticated, but most succeed because of basic errors in validation, session handling, or access control. By studying these threats, students learn how to code more defensively and evaluate system behaviour through a security lens.

Targets

In this section, students learn to:

• Recognise common patterns of attack against software systems

• Describe how vulnerabilities such as XSS, broken authentication, and race conditions occur

• Apply coding and design techniques to prevent these attacks

• Evaluate system behaviour in response to invalid, malicious, or unexpected input