Fundamentals of Secure Development
This course introduces you to the need for secure software development and best practices.
Fundamentals Secure Mobile Development
This course introduces developers to the common risks associated with Mobile applications including client side injection, sensitive data handling, network transition, application patching, web based attacks, phishing, third-party code, location security and privacy and denial of service. The student is then given an overview of the Mobile application development best practices to reduce these risks including input validation, output encoding, least privilege, code signing, data protection at rest and in transit, avoiding client side validation, and using platform security capabilities as they apply in mobile environments. Included is a discussion of threat modeling mobile applications. With knowledge checks throughout, the student who completes this course will have an understanding of mobile environment threats and risks, and the programming principles to use to address them.
Fundamentals of Secure Database Development
This course provides software architects/developers with an understanding of database development best practices.
Fundamentals of Secure Cloud Development
This course introduces developers to the common risks associated with Cloud applications, including the security features of the different series models (IaaS, PaaS, and Saas), how to identify and mitigate the most common vulnerabilities, the unique security challenges of “Big Data”, and how to apply the Microsoft SDL to cloud applications. Threat coverage includes unauthorized account access, insecure APIs, shared technology, data leakage, and account hijacking, as well the importance of complying with regulatory requirements. With knowledge checks throughout, the student who completes this course will have an understanding of cloud computing threats and risks, and the programming principals to use to address them.
Fundamentals of Secure AJAX Code
This course introduces security issues and challenges specific to AJAX applications.
Fundamentals of Secure Embedded Software Development
This course teaches about security issues inherent to IoT embedded device architecture techniques to identify system security and performance requirements.
Identifying Threats to Mainframe COBOL Applications and Data
This course covers the most common security issues that affect the confidentiality, integrity, and availability of COBOL programs on mainframes.
Fundamentals of Secure Mobile Development for IoT Embedded Systems
This course provides additional training on Secure Mobile Development pertaining to embedded software engineers.
Creating Secure Code – Java Foundations
In this course, you will learn best practices and techniques for secure application development in Java. It discusses input validation, the Java security model, Java Authentication and Authorization Service (JAAS), and public key cryptography.
Creating Secure Code – C/C++ Foundations
This course presents best practices and techniques for secure application development in C/C++. It discusses basic application security principles, input validation in C/C++, common C/C++ application security vulnerabilities and mitigations, protecting data in C/C++, and conducting security code reviews.
Creating Secure Code – .NET Framework Foundations
This course describes .NET 4 security features, including concepts such as Code Access Security (CAS) and .NET cryptographic technologies. In addition, this course will introduce you to security changes in .NET 4 including level 2 security transparency, the new sandboxing and permission model, introduction of conditional APTCA, and changes to evidence objects and collections. This course provides secure coding best practices that will enable students to build more secure applications in .NET 4.
Creating Secure Code - SAP ABAP Foundations
This course discusses best practices and techniques for secure SAP application development using Java and ABAP.
PCI DSS v3.2 Best Practices for Developers
This course provides software developers an understanding of PCI-DSS Version 3.2 application security issues.
Creating Secure SQL Server and Azure SQL Database Applications
In this course, you will learn how to protect sensitive data and while ensuring the integrity of applications running on the Microsoft SQL Server Engine and Azure SQL Database.
Creating Secure AJAX Code - ASP.NET Foundations
This course introduces secure ASP.NET coding principles for AJAX applications.
Creating Secure AJAX Code - Java Foundations
This course introduces secure Java coding principles for AJAX applications.
Creating Secure AWS Cloud Applications
This course examines the security vulnerabilities, threats, and mitigations for AWS cloud computing services.
Creating Secure Azure Applications
This course examines the security vulnerabilities, threats, and mitigations for Azure cloud computing services.
Creating Secure Code - Web API Applications
This course introduces the fundamentals of secure web services development.
Creating Secure Code - Ruby on Rail Foundations
This course teaches best practices and techniques for secure application development with Ruby on Rails.
Creating Secure Python Web Applications
In this course, you will learn about best practices and techniques for secure web application development with Python.
Creating Secure COBOL and Mainframe Applications
This course covers countermeasures for security vulnerabilities on the mainframe, such as input validation, parameterized APIs, strong cryptography, and being aware of memory management issues.
Creating Secure ASP.NET MVC Applications
In this course, you will learn about ASP.NET MVC and Web API code security issues that affect MVC and Web API applications. You'll learn methods to protect your application from attacks against MVC’s model-binding behavior, as well as methods to protect your application from cross-site scripting, cross-site request forgery, and malicious URL redirects. You will also study the Web API pipeline and how to implement authentication and authorization in Web API applications.
Creating Secure C/C++ Code
In this course, you will learn techniques for securing your C/C++ applications. You will learn about secure memory management in C/C++, protecting and authenticating sensitive data with symmetric and public key cryptography, and secure communications with TLS.
Creating Secure Java Code
In this course, you will learn how to identify and mitigate the most common Java code security vulnerabilities such as Injection, Overflows, Cross-Site Scripting and Information Disclosure. This course also describes how to use symmetric and asymmetric cryptography to protect data and applications in Java.
Creating Secure C# Code
This course describes methods to produce secure C# applications. It presents common security vulnerabilities that can be mitigated by proper input validation, other common security vulnerabilities and their mitigations, secure error handling and logging, and secure communication. The course also discusses unique features of C# and the .NET Framework that help protect against security vulnerabilities.
Creating Secure PHP Code
This course teaches PHP programmers the security principals needed to build secure PHP applications.
Creating Secure iOS Code in Swift
In this course you will learn how to identify the most common iOS application security vulnerabilities, including Insecure Data Storage, Side Channel Data Leakage, Client Side Injection, Custom URL Scheme Abuse, Stack Smashing and Self-Signed Certificates. You will learn how to mitigate these threats by leveraging iOS and Swift security services while also implementing secure coding best practices, including Secure Memory Management, Automatic Reference Counting, Enabling Position Independent Executable, Secure Data Storage, Communicating Over HTTPS, App Transport Security, TLS Certificate Pinning, Asymmetric Encryption, Parameterized SQL Queries, Validating Path Location Input and Implementing Apple Pay.
Creating Secure Android Code in Java
In this course you will learn how to identify and mitigate the most common Android application security vulnerabilities and attack vectors, including: Weak Server Side Controls, Threats to Data, SQL Injection, Cross-Site Scripting (XSS), Session Hijacking, Threats to User Privacy and Confidentiality, Native Code Attacks, and Missing Data Encryption. Mitigation and best-practices include the Android software stack, the Android security model, access control methods, sandboxing, interprocess communications and implementing the security features of open-source developer tools.
Creating Secure HTML5 Code
This course provides in depth coverage on how to mitigate the most dangerous threats to HTML5 applications. It includes coverage of HTML5 Forms, WebSocket API, Server-Sent Events (SSE), Node.js security, jQuery security, the GPS API, static code analysis, and security packages. Upon completion of this class you will be able to identify key threats to your HTML5 application and then mitigate those threats by (1) leveraging built-in HTML5 security features and (2) implementing secure coding best practices.
Creating Secure jQuery Code
Learn about the most common threats to jQuery applications and how to mitigate these vulnerabilities.
Integer Overflows - Attacks and Countermeasures
This course covers the security concepts that will enable students to develop robust, secure applications.
Buffer Overflows - Attacks and Countermeasures
This course provides information to understand, avoid and mitigate the risks posed by buffer overflows.
Creating Secure Code - .NET (C#)
This Instructor-Led course gives developers an in-depth immersion into secure coding practices, with an emphasis on the security features and pitfalls of the .NET programming environment.
Attacker Techniques Exposed: Threats, Vulnerabilities, and Exploits
This Instructor-Led course examines trends in software vulnerabilities, demonstrates examples of security breaches, explores a wide range of live software vulnerabilities, and introduces threat modeling techniques.
Creating Secure Code - J2EE Applications
This Instructor-Led course gives developers an in-depth immersion into secure coding practices with an emphasis on the security features and pitfalls of the Java programming environment.
Creating Secure Code - iOS
In this Instructor-Led course, participants will learn to develop and deploy secure iPhone applications by leveraging Apple’s security libraries and frameworks.
Creating Secure Code - Android
This Instructor-Led course helps participants develop secure Android applications by applying Android-specific secure development techniques.
Creating Secure Code - Embedded C/C++
This Instructor-Led course examines coding errors and vulnerabilities in the context of embedded C/C++ programming and provides detailed code examples of insecure practices and methods to find, fix, and prevent each type of flaw.
Security Code Review
This Instructor-Led course presents the primary techniques used to conduct a security code review, with the focus of identifying potential security vulnerabilities.