• Close
  • Training
    • CMD+CTRL Base Camp
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • Pen testing Overview
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Guides & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk
  • Ed TALKS
  • We’re Hiring
  • Blog
  • Course Catalog
Security Innovation
  • Ed TALKS
  • We’re Hiring
  • Blog
  • Course Catalog
  • Training
    • CMD+CTRL Base Camp
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • Pen testing Overview
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Guides & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk

Course Catalog / Subject / Platform

Platform

View All Courses     Download Course Catalog

LAB 335 ATT&CK: Unsecured Credentials


12 Minutes
Elite

LAB 334 ATT&CK: Create Account


12 Minutes
Elite

LAB 332 ATT&CK: Network Share Discovery


12 Minutes
Elite

LAB 331 ATT&CK: Network Service Discovery


12 Minutes
Elite

LAB 262 Defending Node.js Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 261 Defending Python Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 260 Defending C# Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 236 Defending Java Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 130 Identifying Generation of Predictable Numbers or Identifiers


5 Minutes
Core

LAB 129 Identifying Error Message Containing Sensitive Information


5 Minutes
Core

LAB 128 Identifying Unverified Password Change


5 Minutes
Core

LAB 127 Identifying Security Logging and Monitoring Failures


5 Minutes
Core

API 213 Mitigating APIs Mass Assignment


15 Minutes
Advanced

API 214 Mitigating APIs Improper Asset Management


15 Minutes
Advanced

DES 314 Hardening the Docker Engine


15 Minutes
Elite

LAB 253 Defending Python Applications Against Weak PRNG (NEW)


10 Minutes
Advanced

LAB 247 Defending Node.js Applications Against Weak PRNG (NEW)


10 Minutes
Advanced

LAB 229 Defending Java Applications Against Weak PRNG (NEW)


10 Minutes
Advanced

LAB 239 Defending C# Applications Against Weak PRNG (NEW)


10 Minutes
Advanced

LAB 252 Defending Python Applications Against Weak AES ECB Mode Encryption (NEW)


10 Minutes
Advanced

LAB 246 Defending Node.js Applications Against Weak AES ECB Mode Encryption (NEW)


10 Minutes
Advanced

LAB 228 Defending Java Applications Against Weak AES ECB Mode Encryption (NEW)


10 Minutes
Advanced

LAB 238 Defending C# Applications Against Weak AES ECB Mode Encryption (NEW)


10 Minutes
Advanced

LAB 249 Defending Python Applications Against Plaintext Password Storage (NEW)


10 Minutes
Advanced

LAB 245 Defending Node.js Applications Against Plaintext Password Storage (NEW)


10 Minutes
Advanced

LAB 235 Defending Java Applications Against Plaintext Password Storage (NEW)


10 Minutes
Advanced

LAB 251 Defending C# Applications Against Plaintext Password Storage (NEW)


10 Minutes
Advanced

LAB 254 Defending Python Applications Against Parameter Tampering (NEW)


10 Minutes
Advanced

LAB 248 Defending Node.js Applications Against Parameter Tampering (NEW)


10 Minutes
Advanced

LAB 234 Defending Java Applications Against Parameter Tampering (NEW)


10 Minutes
Advanced

LAB 250 Defending C# Applications Against Parameter Tampering (NEW)


10 Minutes
Advanced

LAB 126 Identifying Information Leakage (NEW)


5 Minutes
Core

LAB 125 Identifying Buffer Overflow (NEW)


5 Minutes
Core

LAB 124 Identifying Horizontal Privilege Escalation (NEW)


5 Minutes
Core

LAB 111 Identifying Server-Side Request Forgery (NEW)


5 Minutes
Core

CYB 210 Cybersecurity Incident Response (NEW)


12 Minutes

DES 313 Hardening a Kubernetes Cluster (NEW)


20 Minutes
Elite

API 211 Mitigating APIs Broken Object Level Authorization (NEW)


15 Minutes
Advanced

API 210 Mitigating APIs Lack of Resources & Rate Limiting (NEW)


15 Minutes
Advanced

LAB 324 ATT&CK: Exploiting Java Web Application Server Misconfiguration (NEW)


12 Minutes
Elite

LAB 323 ATT&CK: Exploiting Vulnerable Java Web Application Server Software (NEW)


12 Minutes
Elite

LAB 315 ATT&CK: Updating Vulnerable Java Web Application Server Software (NEW)


12 Minutes
Elite

LAB 244 Defending Java Applications Against Security Misconfiguration (NEW)


12 Minutes
Advanced

LAB 243 Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)


10 Minutes
Advanced

LAB 242 Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)


10 Minutes
Advanced

LAB 241 Defending C# Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)


10 Minutes
Advanced

LAB 240 Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)


10 Minutes
Advanced

LAB 223 Defending Node.js Applications Against SQL Injection (NEW)


10 Minutes
Advanced

LAB 222 Defending Python Applications Against SQL Injection (NEW)


10 Minutes
Advanced

LAB 221 Defending C# Applications Against SQL Injection (NEW)


10 Minutes
Advanced

LAB 123 Identifying Vertical Privilege Escalation (NEW)


5 Minutes
Advanced

LAB 122 Identifying Insecure APIs (NEW)


5 Minutes
Advanced

LAB 121 Identifying Vulnerable and Outdate Components (NEW)


5 Minutes
Advanced

LAB 113 Identifying Cryptographic Failures (NEW)


5 Minutes
Advanced

SDT 310 Testing for Security Logging and Monitoring Failures (NEW)


10 Minutes
Elite

SDT 309 Testing for Vulnerable and Outdated Components (NEW)


10 Minutes
Elite

SDT 308 Testing for Software and Data Integrity Failures (NEW)


10 Minutes
Elite

SDT 307 Testing for Server-Side Request Forgery (SSRF) (NEW)


10 Minutes
Elite

SDT 306 Testing for Security Misconfiguration (NEW)


10 Minutes
Elite

SDT 305 Testing for Broken Access Control (NEW)


10 Minutes
Elite

SDT 304 Testing for Insecure Design (NEW)


10 Minutes
Elite

SDT 303 Testing for Cryptographic Failures (NEW)


10 Minutes
Elite

SDT 302 Testing for Identification and Authentication Failures (NEW)


10 Minutes
Elite

SDT 301 Testing for Injection (NEW)


10 Minutes
Elite

DES 241 Mitigating OWASP 2021 Security Logging and Monitoring Failures (NEW)


12 Minutes
Advanced

DES 240 Mitigating OWASP 2021 Vulnerable and Outdated Components (NEW)


12 Minutes
Advanced

DES 239 Mitigating OWASP 2021 Software and Data Integrity Failures (NEW)


12 Minutes
Advanced

DES 238 Mitigating OWASP 2021 Server-Side Request Forgery (SSRF) (NEW)


12 Minutes
Advanced

DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)


12 Minutes
Advanced

DES 236 Mitigating OWASP 2021 Broken Access Control (NEW)


12 Minutes
Advanced

DES 235 Mitigating OWASP 2021 Insecure Design (NEW)


12 Minutes
Advanced

DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)


12 Minutes
Advanced

DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures (NEW)


12 Minutes
Advanced

DES 232 – Mitigating OWASP 2021 Injection (NEW)


12 Minutes
Advanced

LAB 330 ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes (NEW)


15 Minutes
Elite

LAB 322 ATT&CK: Exploiting Windows File Sharing Server with External Remote Services (NEW)


20 Minutes
Elite

LAB 321 ATT&CK: Password Cracking (NEW)


5 Minutes
Elite

LAB 237 Defending Java Applications Against SQL Injection (NEW)


20 Minutes
Advanced

LAB 233 Defending Node.js Applications Against XSS (NEW)


15 Minutes
Advanced

LAB 232 Defending C# Applications Against XSS (NEW)


15 Minutes
Advanced

LAB 231 Defending Python Applications Against XSS (NEW)


15 Minutes
Advanced

LAB 230 Defending Java Applications Against XSS (NEW)


15 Minutes
Advanced

LAB 220 Defending Against Hard-Coded Secrets (NEW)


5 Minutes
Advanced

LAB 120 Identifying XML Injection (NEW)


5 Minutes
Core

LAB 119 Identifying Persistent XSS (NEW)


5 Minutes
Advanced

LAB 118 Identifying Weak File Upload Validation (NEW)


5 Minutes
Advanced

LAB 117 Identifying Hidden Form Field (NEW)


5 Minutes
Advanced

LAB 116 Identifying Forceful Browsing (NEW)


5 Minutes
Advanced

LAB 115 Identifying Reflective XSS (NEW)


5 Minutes
Advanced

LAB 114 Identifying Cookie Tampering (NEW)


5 Minutes
Advanced

LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification


7 Minutes
Advanced

LAB 109 – Identifying Security Misconfiguration Vulnerabilities


5 Minutes
Advanced

LAB 108 – Identifying Reverse Engineering Vulnerabilities


8 Minutes
Advanced

LAB 107 – Identifying Injection Vulnerabilities


7 Minutes
Advanced

LAB 106 – Identifying Cross-Site Scripting Vulnerabilities


7 Minutes
Advanced

LAB 105 – Identifying Credential Dumping: Vulnerability Identification


7 Minutes
Advanced

LAB 104 – Identifying Business Logic Flaw Vulnerabilities


7 Minutes
Advanced

LAB 103 – Identifying Broken User Authentication Vulnerabilities


7 Minutes
Advanced

LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities


5 Minutes
Advanced

LAB 101 – Identifying Broken Access Control Vulnerabilities


5 Minutes
Advanced

TST 305 – Penetration Testing for Azure Cloud


20 Minutes
Elite

DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing


15 Minutes
Advanced

DES 207 – Mitigating OWASP API Security Top 10


15 Minutes
Advanced

TST 304 – Penetration Testing for AWS Cloud


20 Minutes
Elite

TST 303 – Penetration Testing for Google Cloud Platform


20 Minutes
Elite

DSO 256 – DevSecOps in the Google Cloud Platform


20 Minutes
Advanced

COD 252 – Securing Google Platform Applications & Data


25 Minutes
Advanced

COD 386 – Preventing Integer Overflows in Java Code


8 Minutes
Elite

COD 385 – Preventing Race Conditions in Java Code


8 Minutes
Elite

COD 384 – Protecting Java from Information Disclosure


8 Minutes
Elite

COD 324 – Protecting C# from XML Injection


8 Minutes
Elite

COD 319 – Preventing Vulnerabilities in Android Code in Java


20 Minutes
Elite

COD 315 – Preventing Vulnerabilities in iOS Code in Swift


20 Minutes
Elite

COD 287 – Java Application Server Hardening


20 Minutes
Advanced

TST 206 – ASVS Requirements for Developers


20 Minutes
Advanced

DES 206 – Meeting Cloud Governance and Compliance Requirements


15 Minutes
Advanced

COD 366 – Creating Secure Kotlin Applications


20 Minutes
Elite

COD 286 – Creating Secure React User Interfaces (UPDATED)


10 Minutes
Advanced

COD 285 – Developing Secure Angular Applications


30 Minutes
Advanced

DSO 305 – Automating CI/CD Pipeline Compliance


20 Minutes
Elite

DSO 304 – Securing API Gateways in a DevSecOps Framework


20 Minutes
Elite

DSO 303 – Automating Security Updates


20 Minutes
Elite

DSO 302- Automated Security Testing


20 Minutes
Elite

DSO 301 – Orchestrating Secure System and Service Configuration


20 Minutes
Elite

DSO 211 – Identifying Threats to Containers in a DevSecOps Framework


20 Minutes
Advanced

DES 282 – OWASP IoT2: Mitigating Insecure Network Services


12 Minutes
Advanced

DES 271 – OWASP M1: Mitigating Improper Platform Usage


12 Minutes
Advanced

DES 272 – OWASP M2: Mitigating Insecure Data Storage


12 Minutes
Advanced

DES 273 – OWASP M3: Mitigating Insecure Communication


12 Minutes
Advanced

DES 274 – OWASP M4: Mitigating Insecure Authentication


12 Minutes
Advanced

DES 275 – OWASP M5: Mitigating Insufficient Cryptography


12 Minutes
Advanced

DES 277 – OWASP M7: Mitigating Client Code Quality


12 Minutes
Advanced

DES 278 – OWASP M8: Mitigating Code Tampering


12 Minutes
Advanced

DES 279 – OWASP M9: Mitigating Reverse Engineering


12 Minutes
Advanced

DES 280 – OWASP M10: Mitigating Extraneous Functionality


12 Minutes
Advanced

DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords


12 Minutes
Advanced

DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces


12 Minutes
Advanced

DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism


12 Minutes
Advanced

DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components


12 Minutes
Advanced

DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection


12 Minutes
Advanced

DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage


12 Minutes
Advanced

DES 288 – OWASP IoT8: Mitigating Lack of Device Management


12 Minutes
Advanced

DES 289 – OWASP IoT9: Mitigating Insecure Default Settings


12 Minutes
Advanced

DES 276 – OWASP M6: Mitigating Insecure Authorization


12 Minutes
Advanced

DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening


12 Minutes
Advanced

ENG 354 – Authorizing and Monitoring System Controls within the RMF


20 Minutes
Elite

ENG 353 – Selecting, Implementing and Assessing Controls within the RMF


20 Minutes
Elite

DSO 254 – DevSecOps in the Azure Cloud


20 Minutes
Advanced

DSO 253 – DevSecOps in the AWS Cloud


20 Minutes
Advanced

DSO 205 – Securing the COTS Supply Chain


15 Minutes
Advanced

DES 306 – Creating a Secure Blockchain Network


20 Minutes
Elite

DES 305 – Protecting Existing Blockchain Assets


20 Minutes
Elite

DES 210 – Hardening Linux/Unix Systems


30 Minutes
Advanced

TST 356 – Penetration Testing for Cross-Site Scripting (XSS)


12 Minutes
Elite

TST 355 – Penetration Testing for Authorization Vulnerabilities


12 Minutes
Elite

TST 353 – Penetration Testing for SQL Injection


12 Minutes
Elite

TST 352 – Penetration Testing for Injection Vulnerabilities


12 Minutes
Elite

TST 351 – Penetration Testing for TLS Vulnerabilities


12 Minutes
Elite

TST 202 – Penetration Testing Fundamentals


25 Minutes
Advanced

DES 255 – Securing the IoT Update Process


30 Minutes
Advanced

DES 216 – Protecting Cloud Infrastructure


40 Minutes
Advanced

COD 258 – Creating Secure PHP Web Applications


30 Minutes
Advanced

COD 251 – Defending AJAX-Enabled Web Applications


25 Minutes
Advanced

COD 383 – Protecting Java Backend Services


30 Minutes
Elite

COD 267 – Securing Python Microservices


30 Minutes
Advanced

COD 309 – Securing ASP.NET MVC Applications


30 Minutes
Elite

COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks


45 Minutes
Elite

DES 218 – Protecting Microservices, Containers, and Orchestration


30 Minutes
Advanced

DES 214 – Securing Infrastructure Architecture


30 Minutes
Advanced

DES 215 – Defending Infrastructure


30 Minutes
Advanced

ENG 150 – Meeting Confidentiality, Integrity, and Availability


30 Minutes
Core

COD 284 – Secure Java Coding


30 Minutes
Advanced

COD 266 – Secure Ruby Scripting


15 Minutes
Advanced

COD 265 – Secure Python Scripting


15 Minutes
Advanced

COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes


15 Minutes
Advanced

COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications


15 Minutes
Advanced

COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data


15 Minutes
Advanced

COD 246 – PCI DSS 3: Protecting Stored Cardholder Data


15 Minutes
Advanced

SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type


15 Minutes
Elite

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool


20 Minutes
Core

ENG 194 – Implementing Microsoft SDL Line of Business


20 Minutes
Core

ENG 193 – Implementing the Microsoft SDL Optimization Model


12 Minutes
Core

ENG 192- Implementing the Agile Microsoft SDL


20 Minutes
Core

ENG 191 – Introduction to the Microsoft SDL


25 Minutes
Core

ENG 121 – Essential Identification & Authentication


15 Minutes
Core

ENG 119 – Essential Security Audit & Accountability


15 Minutes
Core

ENG 115 – Essential System & Information Integrity


15 Minutes
Core

ENG 114 – Essential Risk Assessment


15 Minutes
Core

ENG 112 – Essential Access Control for Mobile Devices


15 Minutes
Core

ENG 110 – Essential Account Management Security


15 Minutes
Core

DES 260 – Fundamentals of IoT Architecture & Design


30 Minutes
Advanced

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing


45 Minutes
Advanced

COD 382 – Protecting Data in Java


30 Minutes
Elite

COD 381 – Preventing Path Traversal Attacks in Java


8 Minutes
Elite

COD 380 – Preventing SQL Injection in Java


8 Minutes
Elite

COD 364 – Securing HTML5 Connectivity


20 Minutes
Elite

COD 363- Securing HTML5 Data


20 Minutes
Elite

COD 362 – HTML5 Built in Security Features


20 Minutes
Elite

COD 361 – HTML5 Secure Threats


15 Minutes
Elite

COD 352 – Creating Secure JavaScript and jQuery Code


45 Minutes
Elite

COD 322 – Protecting C# from SQL Injection


8 Minutes
Elite

COD 318 – Protecting Data on Android in Java


20 Minutes
Elite

COD 317 – Protecting Data on iOS in Swift


20 Minutes
Elite

COD 316 – Creating Secure iOS Code in Objective C


30 Minutes
Elite

COD 283 – Java Cryptography


45 Minutes
Advanced

COD 281 – Java Security Model


20 Minutes
Advanced

COD 270 – Creating Secure COBOL & Mainframe Applications


25 Minutes
Advanced

COD 264 – Secure Perl Scripting


15 Minutes
Advanced

COD 263 – Secure Bash Scripting


15 Minutes
Advanced

COD 262 – Fundamentals of Shell and Interpreted Language Security


30 Minutes
Advanced

COD 261 – Threats to Scripts


30 Minutes
Advanced

COD 259 – Node.js Threats & Vulnerabilities


30 Minutes
Advanced

COD 257 – Creating Secure Python Web Applications


45 Minutes
Advanced

COD 256 – Creating Secure Code: Ruby on Rails Foundations


45 Minutes
Advanced

COD 255 – Creating Secure Code: Web API Foundations


20 Minutes
Advanced

COD 254 – Creating Secure Azure Applications


45 Minutes
Advanced

COD 253 – Creating Secure AWS Cloud Applications


45 Minutes
Advanced

COD 242 – Creating Secure SQL Server & Azure SQL DB Applications


40 Minutes
Advanced

COD 241 – Creating Secure Oracle DB Applications


45 Minutes
Advanced

COD 219 – Creating Secure Code: SAP ABAP Foundations


90 Minutes
Advanced

COD 217 – Mitigating .NET Security Threats


45 Minutes
Advanced

COD 216 – Leveraging .NET Framework Code Access Security (CAS)


30 Minutes
Advanced

COD 206 – Creating Secure C++ Code


15 Minutes
Advanced

COD 202 – Secure C Runtime Protection


15 Minutes
Advanced

COD 170 – Identifying Threats to Mainframe COBOL Applications & Data


20 Minutes
Core

COD 160 -Fundamentals of Secure Embedded Software Development


45 Minutes
Core

COD 152 – Fundamentals of Secure Cloud Development


20 Minutes
Core

COD 141 – Fundamentals of Database Security


30 Minutes
Core

COD 110 – Fundamentals of Secure Mobile Development


45 Minutes
Core

Security Innovation

  • Training
  • Services
  • Solutions
  • Resources
  • About Us
  • Let’s Talk

Offices

Headquarters – Boston, MA
187 Ballardvale Street, Suite A195
Wilmington, MA 01887

Phone: +1.877.839.7598
Sales: 1.877.839.7598 x1
Support: 1.877.839.7598 x2
Email: Support
Email: PR

Pune, India
516 World Trade Center – Tower 2
Kharadi, Pune, MH 411014
Phone: +91 820 840 1411
Email: India Sales

Seattle, WA
1511 3rd Ave #808
Seattle, WA 98101

Copyright © Security Innovation, Inc. All Rights Reserved

Privacy Policy