Defensive Programming for COBOL


Building on the Foundations of COBOL Security course, this module explores specific defensive programming techniques to create secure COBOL programs. The course follows a well-established software security vulnerability taxonomy to walk students through a set of defensive programming best practices that are applicable to the COBOL environment. The vision behind the course is to teach secure developer behaviors that follow the principle of defense-in-depth and will help prevent COBOL programs from being the weakest link in the enterprise security chain. Among other techniques covered, the course discusses COBOL-specific methods for input validation, secure database interactions, secure error handling, and proper resource synchronization.

Course Themes

  • Demonstrate methods to ensure secure input validation and data representation in your applications
  • Recommend best practices to avoid code quality issues
  • Outline implementation strategies for error handling and other security features

Learning Objectives

  • Confidently discuss the guiding principles for secure design
  • Apply best-practice COBOL defensive programming techniques
  • Confidently discuss the software security touch points for COBOL programs


Delivery Format: eLearning

Duration: 1/2 hour

Level: Advanced

Intended Audience: 

  • Developers
  • QA Engineers
  • Architects
  • Application Security Specialists
  • Code Auditors
