Embedded Architect Curriculum
This curriculum discusses best practices for the design of secure software for embedded systems.
Software Architect Curriculum
The Software Architect curriculum trains practitioners on how to build security into software.
IT Architect Curriculum
This curriculum discusses best practices for the design of secure software for IT architects.
Information Privacy and Security Awareness for Executives
This introductory course provides decision-makers and managers with a concise summary of essential Information Security and Privacy Awareness requirements. Content is aligned with topics contained in our standard Information Security and Privacy Awareness courses, ensuring that managers and staff are focused on the same objectives.
Information Privacy Classifying Data
This introductory course is designed for general staff in roles such as human resources, legal, marketing, finance, sales, operations and customer service. This course equips employees to recognize the importance of understanding what constitutes private data.
Information Privacy Protecting Data
This introductory course is designed for general staff in roles such as human resources, legal, marketing, finance, sales, operations and customer service. This course equips employees to recognize the importance of understanding what constitutes private data and how to behave in a proactive manner to protect this information in their everyday work.
This security awareness course is intended to teach students how to recognize malicious email before it can become a threat, how to properly handle email, and best practices around how and when to use email to send specific types of information.
This course teaches students how to identify and define types of malware, including ransomware.
This course is intended to give students a look at mobile device security.
This course is intended to teach students how to create and remember strong passwords, therefore eliminating the need to use insecure practices.
This course is intended to teach students to follow the PCI Security Standards in order to understand how to identify different types of sensitive data and handle it properly.
This security awareness course teaches students to recognize malicious email from phishing attempts before it becomes a threat.
This course is intended to teach students accepted practices for minimizing breaches and give them the ability to identify different types of data that may be exposed via hardware theft.
Social Engineering Awareness
This course is intended to teach students how to identify the many forms of social engineering and its potential impacts.
This security awareness course is intended to introduce students to the risks associated with transporting sensitive data.
Fundamentals of Application Security
This course sets the foundation for understanding application security throughout the development process.
Information and Application Security Awareness
This Instructor-Led course examines the root cause of software vulnerabilities, how attackers view your applications, the true cost of software vulnerabilities, and how to integrate security into your development and IT organizations.
Fundamentals of Secure Development
This course introduces you to the need for secure software development and best practices.
Fundamentals of Secure Mobile Development
This course introduces developers to the common risks associated with mobile applications.
Fundamentals of Secure Database Development
This course provides software architects/developers with an understanding of database development best practices.
Fundamentals of Secure Cloud Development
This course introduces developers to the common risks associated with cloud applications.
Fundamentals of Secure AJAX Code
This course introduces security issues and challenges specific to AJAX applications.
Fundamentals of Secure Embedded Software Development
This course teaches about security issues inherent to IoT embedded device architecture techniques to identify system security and performance requirements.
Identifying Threats to Mainframe COBOL Applications and Data
This course covers the most common security issues that affect the confidentiality, integrity, and availability of COBOL programs on mainframes.
Fundamentals of Secure Mobile Development for IoT Embedded Systems
This course provides additional training on Secure Mobile Development pertaining to embedded software engineers.
Creating Secure Code - Java Foundations
In this course, you will learn best practices and techniques for secure application development in Java.
Creating Secure Code - C/C++ Foundations
This course presents best practices and techniques for secure application development in C/C++.
Creating Secure Code - .NET Framework Foundations
This course describes .NET 4 security features and changes.
Creating Secure Code - SAP ABAP Foundations
This course discusses best practices and techniques for secure SAP application development using Java and ABAP.
PCI DSS v3.2 Best Practices for Developers
This course provides software developers an understanding of PCI-DSS Version 3.2 application security issues.
Creating Secure AJAX Code - ASP.NET Foundations
This course introduces secure ASP.NET coding principles for AJAX applications.
Creating Secure AJAX Code - Java Foundations
This course introduces secure Java coding principles for AJAX applications.
Creating Secure AWS Cloud Applications
This course examines the security vulnerabilities, threats, and mitigations for AWS cloud computing services.
Creating Secure Azure Applications
This course examines the security vulnerabilities, threats, and mitigations for Azure cloud computing services.
Creating Secure Code - Web API Applications
This course introduces the fundamentals of secure web services development.
Creating Secure Code - Ruby on Rail Foundations
This course teaches best practices and techniques for secure application development with Ruby on Rails.
Creating Secure Python Web Applications
In this course, you will learn about best practices and techniques for secure web application development with Python.
Creating Secure COBOL and Mainframe Applications
This course covers countermeasures for security vulnerabilities on the mainframe, such as input validation, parameterized APIs, strong cryptography, and being aware of memory management issues.
IoT Embedded Systems Security - C/C++ Foundations
This course module provides additional training on C/C++ Foundations pertaining to embedded software engineers.
Creating Secure ASP.NET MVC Applications
In this course, you will learn about ASP.NET MVC and Web API code security issues that affect MVC and Web API applications.
Creating Secure C/C++ Code
In this course, you will learn techniques for securing your C/C++ applications.
Creating Secure Java Code
In this course, you will learn how to identify and mitigate the most common Java code security vulnerabilities such as Injection, Overflows, Cross-Site Scripting and Information Disclosure.
Creating Secure C# Code
This course describes methods to produce secure C# applications.
Creating Secure PHP Code
This course teaches PHP programmers the security principals needed to build secure PHP applications.
Creating Secure iOS Code in Swift
In this course you will learn how to identify the most common iOS application security vulnerabilities, including Insecure Data Storage, Side Channel Data Leakage, Client Side Injection, Custom URL Scheme Abuse, Stack Smashing and Self-Signed Certificates.
Creating Secure Android Code in Java
In this course you will learn how to identify and mitigate the most common Android application security vulnerabilities and attack vectors.
Creating Secure HTML5 Code
This course provides in depth coverage on how to mitigate the most dangerous threats to HTML5 applications.
Creating Secure jQuery Code
Learn about the most common threats to jQuery applications and how to mitigate these vulnerabilities.
Creating Secure C/C++ Code for IoT Embedded Systems
This module provides additional training on “Creating Secure C/C++ Code” specifically for IoT embedded software engineers.
Integer Overflows - Attacks and Countermeasures
This course covers the security concepts that will enable students to develop robust, secure applications.
Buffer Overflows - Attacks and Countermeasures
This course provides information to understand, avoid and mitigate the risks posed by buffer overflows.
Creating Secure Code - .NET (C#)
This Instructor-Led course gives developers an in-depth immersion into secure coding practices, with an emphasis on the security features and pitfalls of the .NET programming environment.
Attacker Techniques Exposed: Threats, Vulnerabilities, and Exploits
This Instructor-Led course examines trends in software vulnerabilities, demonstrates examples of security breaches, explores a wide range of live software vulnerabilities, and introduces threat modeling techniques.
PCI Bootcamp for Software Development Teams
This Instructor-Led course introduces the PCI-DSS to those responsible for compliance in software development.
Creating Secure Code - J2EE Applications
This Instructor-Led course gives developers an in-depth immersion into secure coding practices with an emphasis on the security features and pitfalls of the Java programming environment.
Creating Secure Code - iOS
In this Instructor-Led course, participants will learn to develop and deploy secure iPhone applications by leveraging Apple’s security libraries and frameworks.
Creating Secure Code - Android
This Instructor-Led course helps participants develop secure Android applications by applying Android-specific secure development techniques.
Creating Secure Code - Embedded C/C++
This Instructor-Led course examines coding errors and vulnerabilities in the context of embedded C/C++ programming and provides detailed code examples of insecure practices and methods to find, fix, and prevent each type of flaw.
Fundamentals of Secure Architecture
In this course, students will examine the state of the industry from a security perspective.
Fundamentals of Cryptography
This course examines the basic concepts of cryptography and common ways it is applied.
Architecture Risk Analysis and Remediation
This course defines techniques for analyzing the architecture/design of a software system for security flaws.
Introduction to Security Tools & Technologies
In this course, you will learn about the importance of designing and implementing secure access controls across the enterprise infrastructure.
OWASP Top Ten - Threats and Mitigations
This course examines in depth the vulnerabilities, threats, and mitigations in the OWASP Top 10.
OWASP Top Threats and Mitigations
This free course examines in depth the vulnerabilities, threats, and mitigations for the top five web application vulnerabilities identified in the OWASP list.
Architecture Risk Analysis & Remediation for IoT Embedded Systems
This module provides additional risk analysis and remediation training pertaining to IoT embedded software engineers.
Creating Secure Application Architecture
This course covers key principles used to increase security of application architecture and design.
Creating Secure OTA (Over the Air) Automotive System Updates
In this course, participants will learn about the secure design considerations for over-the-air (OTA) updates for automotive systems.
Creating Secure Application Architecture for IoT Embedded Systems
This module provides additional training on Creating Secure Application Architecture pertaining to IoT embedded software engineers.
OWASP Top Ten - Threats and Mitigations
This Instructor-Led course introduces students to OWASP and the Top 10 Project, and covers in detail each of the OWASP Top 10 Web Application Vulnerabilities.
CWE/SANS Top 25 - Threats & Mitagations
This Instructor-Led course covers in detail the CWE/SANS Top 25 Most Dangerous Programming Errors, which comprises weaknesses in all types of software applications.
Secure Architecture and Design
This Instructor-Led course addresses this gap by allowing students to use their own software application in lab-based exercises.
Mobile Developer Curriculum
This curriculum explains how to identify common mobile application risks and utilize best practices.
Cloud Developer Curriculum
This curriculum provides developers with a clear understanding of the risks associated with cloud computing.
Embedded Developer Curriculum
This curriculum provides a thorough grounding in application security concepts across the fundamental courses.
Java Developer Curriculum
Our Java Developer curriculum provides a thorough grounding in Java application security concepts.
.NET Developer Curriculum
The .NET Developer curriculum provides developers with a solid foundation in .NET security features.
C/C++ Developer Curriculum
The C/C++ Developer curriculum gives C/C++ specialists a thorough grounding in application security concepts.
Web 2.0 Developer Curriculum
This curriculum explains how to understand, avoid, and mitigate the risks posed by web vulnerabilities.
Database Developer Curriculum
The Database Developer Curriculum provides developers with the fundamentals of secure database development and the common database attacks that could be used to cause significant loss to organizations.
PCI DSS Developer Curriculum
The PCI DSS Developer curriculum provides organizations with the tools required to meet the Payment Card Industry Data Security Standards (PCI DSS) for systems that transmit, process, or store cardholder data.
PHP Developer Curriculum
The PHP Developer curriculum is designed to support the PHP developer.
The Automotive Developer curriculum provides automotive embedded systems professionals with the knowledge and skills required to deploy security throughout the development process from design to deployment.
How to Integrate the Microsoft MS SDL into Your SDLC
Learn the fundamentals of the Microsoft Security Development Lifecycle (SDL) process. [*Course release date: 10/1/2017]
How to Create Application Security Design Requirements
This course examines how to apply the application security maturity model to the development process.
How to Create an Application Security Threat Model
This course will identify goals of threat modeling and the corresponding Software Development Lifecycle requirements.
Attack Surface Analysis and Reduction
Learn about attack surface analysis and reduction as an exercise in risk reduction.
How to Perform a Security Code Review
Learn how to perform a security code review from start to finish.
How to Create an Automotive Systems Threat Model
This course provides step-by-step instructions for performing threat modeling and its recommendations are aligned with the NHTSA’s proposed “Characterization of Potential Security Threats in Modern Automobiles."
Create an Application Security Threat Model for IoT Embedded Systems
Learn how to create an application security threat model for IoT embedded systems.
Attack Surface Analysis and Reduction for IoT Embedded Systems
Learn about attack surface analysis and reduction for IoT embedded systems.
How to Perform a Security Code Review for ioT Embedded Systems
Learn how to perform an IoT embedded system security code review from start to finish.
Effective Threat Modeling
This Instructor-Led course introduces the technique of threat modeling, its primary goals, and its role within software development.
Security Code Review
This Instructor-Led course presents the primary techniques used to conduct a security code review, with the focus of identifying potential security vulnerabilities.
T.P.S.S.E. Certification Test Prep
Prepare for the T.P.S.S.E. certification exam with this prep course covering foundational skills.
Project Manager Curriculum
This curriculum provides a baseline of application security knowledge for managers leading application development projects.
Systems Leadership Curriculum
This curriculum provides a comprehensive baseline of application security knowledge for managers leading application development and design projects.
Embedded QA/Test Curriculum
This curriculum explains techniques for verifying and assuring application security.
This curriculum teaches software testers and quality assurance professionals how to verify application security.
Fundamentals of Security Testing
This course introduces security testing concepts that help students analyze an application from a security perspective.
Fundamentals of Security Testing for IoT Embedded Systems
This course provides additional security testing training of particular importance to IoT embedded software engineers.
Testing for CWE SANS Top 25 Software Errors
In this course, you will learn how to identify and mitigate each of the CWE's 25 Most Dangerous Software Errors.
How to Test for the OWASP Top 10
This course is critical to know how to test for the OWASP Top Ten.
Classes of Security Defects - IoT Embedded Systems
This course provides additional training on Classes of Security Defects pertaining to IoT embedded software engineers.
Advanced Software Security Testing - Tools and Techniques
This course delves deeply into the techniques for testing specific security weaknesses.
Exploiting Buffer Overflows
This course provides students with the required information to help understand and mitigate buffer overflow exploits.
IoT Advanced Embedded Software Security Testing
This course module provides additional Software Security Testing of particular importance to IoT embedded software engineers.
Advanced Web Application Security Testing
This Instructor-Led course examines many important web vulnerabilities like HTML5 attacks, business logic attacks, web services attacks, and AJAX/JSON specific vulnerabilities and issues.