• Close
  • Training
    • CMD+CTRL Base Camp
    • NEW! SI-CSC Certifications
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • Pen testing Overview
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Guides & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk
  • Ed TALKS
  • We’re Hiring
  • Blog
  • Course Catalog
Security Innovation
  • Ed TALKS
  • We’re Hiring
  • Blog
  • Course Catalog
  • Training
    • CMD+CTRL Base Camp
    • NEW! SI-CSC Certifications
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • Pen testing Overview
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Guides & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk

Course Catalog / Subject / Web

Web

View All Courses     Download Course Catalog

LAB 274 – Defending C# Applications Against SSRF (NEW)


10 Minutes
Advanced

LAB 273 – Defending Node.js Applications Against SSRF (NEW)


10 Minutes
Advanced

LAB 272 – Defending Python Applications Against SSRF (NEW)


10 Minutes
Advanced

LAB 271 – Defending Java Applications Against SSRF (NEW)


10 Minutes
Advanced

LAB 270 – Defending C# Applications Against Deserialization of Untrusted Data (NEW)


10 Minutes
Advanced

LAB 269 – Defending Node.js Applications Against Deserialization of Untrusted Data (NEW)


10 Minutes
Advanced

LAB 268 – Defending Python Applications Against Deserialization of Untrusted Data (NEW)


10 Minutes
Advanced

LAB 267 – Defending Java Applications Against Deserialization of Untrusted Data (NEW)


10 Minutes
Advanced

LAB 266 – Defending C# Applications Against Sensitive Information in Log Files (NEW)


10 Minutes
Advanced

LAB 265 – Defending Node.js Applications Against Sensitive Information in Log Files (NEW)


10 Minutes
Advanced

LAB 264 – Defending Python Applications Against Sensitive Information in Log Files (NEW)


10 Minutes
Advanced

LAB 263 – Defending Java Applications Against Sensitive Information in Log Files (NEW)


10 Minutes
Advanced

LAB 132 – Identifying Exposed Services (NEW)


5 Minutes
Core

LAB 131 – Identifying Improper Restriction of XML External Entity Reference (NEW)


5 Minutes
Core

LAB 262 – Defending Node.js Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 261 – Defending Python Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 260 – Defending C# Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 236 – Defending Java Applications Against Sensitive Information in Error Messages


10 Minutes
Advanced

LAB 130 – Identifying Generation of Predictable Numbers or Identifiers


5 Minutes
Core

LAB 129 – Identifying Error Message Containing Sensitive Information


5 Minutes
Core

LAB 128 – Identifying Unverified Password Change


5 Minutes
Core

LAB 127 – Identifying Security Logging and Monitoring Failures


5 Minutes
Core

API 213 – Mitigating APIs Mass Assignment


15 Minutes
Advanced

API 214 – Mitigating APIs Improper Asset Management


15 Minutes
Advanced

LAB 253 – Defending Python Applications Against Weak PRNG


10 Minutes
Advanced

LAB 247 – Defending Node.js Applications Against Weak PRNG


10 Minutes
Advanced

LAB 229 – Defending Java Applications Against Weak PRNG


10 Minutes
Advanced

LAB 239 – Defending C# Applications Against Weak PRNG


10 Minutes
Advanced

LAB 252 – Defending Python Applications Against Weak AES ECB Mode Encryption


10 Minutes
Advanced

LAB 246 – Defending Node.js Applications Against Weak AES ECB Mode Encryption


10 Minutes
Advanced

LAB 228 – Defending Java Applications Against Weak AES ECB Mode Encryption


10 Minutes
Advanced

LAB 238 – Defending C# Applications Against Weak AES ECB Mode Encryption


10 Minutes
Advanced

LAB 249 – Defending Python Applications Against Plaintext Password Storage


10 Minutes
Advanced

LAB 245 – Defending Node.js Applications Against Plaintext Password Storage


10 Minutes
Advanced

LAB 235 – Defending Java Applications Against Plaintext Password Storage


10 Minutes
Advanced

LAB 251 – Defending C# Applications Against Plaintext Password Storage


10 Minutes
Advanced

LAB 254 – Defending Python Applications Against Parameter Tampering


10 Minutes
Advanced

LAB 248 – Defending Node.js Applications Against Parameter Tampering


10 Minutes
Advanced

LAB 234 – Defending Java Applications Against Parameter Tampering


10 Minutes
Advanced

LAB 250 – Defending C# Applications Against Parameter Tampering


10 Minutes
Advanced

LAB 126 – Identifying Information Leakage


5 Minutes
Core

LAB 125 – Identifying Buffer Overflow


5 Minutes
Core

LAB 124 – Identifying Horizontal Privilege Escalation


5 Minutes
Core

LAB 111 – Identifying Server-Side Request Forgery


5 Minutes
Core

API 211 – Mitigating APIs Broken Object Level Authorization


15 Minutes
Advanced

API 210 – Mitigating APIs Lack of Resources & Rate Limiting


15 Minutes
Advanced

LAB 324 ATT&CK: Exploiting Java Web Application Server Misconfiguration


12 Minutes
Elite

LAB 323 ATT&CK: Exploiting Vulnerable Java Web Application Server Software


12 Minutes
Elite

LAB 315 ATT&CK: Updating Vulnerable Java Web Application Server Software


12 Minutes
Elite

LAB 244 – Defending Java Applications Against Security Misconfiguration


12 Minutes
Advanced

LAB 243 – Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities


10 Minutes
Advanced

LAB 242 – Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities


10 Minutes
Advanced

LAB 241 – Defending C# Applications Against eXternal XML Entity (XXE) Vulnerabilities


10 Minutes
Advanced

LAB 240 – Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities


10 Minutes
Advanced

LAB 223 – Defending Node.js Applications Against SQL Injection


10 Minutes
Advanced

LAB 222 – Defending Python Applications Against SQL Injection


10 Minutes
Advanced

LAB 221 – Defending C# Applications Against SQL Injection


10 Minutes
Advanced

LAB 121 – Identifying Vulnerable and Outdate Components


5 Minutes
Advanced

LAB 113 – Identifying Cryptographic Failures


5 Minutes
Advanced

SDT 310 – Testing for Security Logging and Monitoring Failures


10 Minutes
Elite

SDT 309 – Testing for Vulnerable and Outdated Components


10 Minutes
Elite

SDT 308 – Testing for Software and Data Integrity Failures


10 Minutes
Elite

SDT 307 – Testing for Server-Side Request Forgery (SSRF)


10 Minutes
Elite

SDT 306 – Testing for Security Misconfiguration


10 Minutes
Elite

SDT 305 – Testing for Broken Access Control


10 Minutes
Elite

SDT 304 – Testing for Insecure Design


10 Minutes
Elite

SDT 303 – Testing for Cryptographic Failures


10 Minutes
Elite

SDT 302 – Testing for Identification and Authentication Failures


10 Minutes
Elite

SDT 301 – Testing for Injection


10 Minutes
Elite

DES 241 – Mitigating OWASP 2021 Security Logging and Monitoring Failures


12 Minutes
Advanced

DES 240 – Mitigating OWASP 2021 Vulnerable and Outdated Components


12 Minutes
Advanced

DES 239 – Mitigating OWASP 2021 Software and Data Integrity Failures


12 Minutes
Advanced

DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)


12 Minutes
Advanced

DES 237 – Mitigating OWASP 2021 Security Misconfiguration


12 Minutes
Advanced

DES 236 – Mitigating OWASP 2021 Broken Access Control


12 Minutes
Advanced

DES 235 – Mitigating OWASP 2021 Insecure Design


12 Minutes
Advanced

DES 234 – Mitigating OWASP 2021 Cryptographic Failures


12 Minutes
Advanced

DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures


12 Minutes
Advanced

DES 232 – Mitigating OWASP 2021 Injection


12 Minutes
Advanced

LAB 330 ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes


15 Minutes
Elite

LAB 322 ATT&CK: Exploiting Windows File Sharing Server with External Remote Services


20 Minutes
Elite

LAB 321 ATT&CK: Password Cracking


5 Minutes
Elite

LAB 237 – Defending Java Applications Against SQL Injection


20 Minutes
Advanced

LAB 233 – Defending Node.js Applications Against XSS


15 Minutes
Advanced

LAB 232 – Defending C# Applications Against XSS


15 Minutes
Advanced

LAB 231 – Defending Python Applications Against XSS


15 Minutes
Advanced

LAB 230 – Defending Java Applications Against XSS


15 Minutes
Advanced

LAB 220 – Defending Against Hard-Coded Secrets


5 Minutes
Advanced

LAB 120 – Identifying XML Injection


5 Minutes
Core

LAB 119 – Identifying Persistent XSS


5 Minutes
Advanced

LAB 118 – Identifying Weak File Upload Validation


5 Minutes
Advanced

LAB 117 – Identifying Hidden Form Field


5 Minutes
Advanced

LAB 116 – Identifying Forceful Browsing


5 Minutes
Advanced

LAB 115 – Identifying Reflective XSS


5 Minutes
Advanced

LAB 114 – Identifying Cookie Tampering


5 Minutes
Advanced

LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification


7 Minutes
Advanced

LAB 109 – Identifying Security Misconfiguration Vulnerabilities


5 Minutes
Advanced

LAB 108 – Identifying Reverse Engineering Vulnerabilities


8 Minutes
Advanced

LAB 107 – Identifying Injection Vulnerabilities


7 Minutes
Advanced

LAB 106 – Identifying Cross-Site Scripting Vulnerabilities


7 Minutes
Advanced

LAB 105 – Identifying Credential Dumping: Vulnerability Identification


7 Minutes
Advanced

LAB 104 – Identifying Business Logic Flaw Vulnerabilities


7 Minutes
Advanced

LAB 103 – Identifying Broken User Authentication Vulnerabilities


7 Minutes
Advanced

LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities


5 Minutes
Advanced

LAB 101 – Identifying Broken Access Control Vulnerabilities


5 Minutes
Advanced

DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing


15 Minutes
Advanced

DES 207 – Mitigating OWASP API Security Top 10


15 Minutes
Advanced

COD 386 – Preventing Integer Overflows in Java Code


8 Minutes
Elite

COD 385 – Preventing Race Conditions in Java Code


8 Minutes
Elite

COD 384 – Protecting Java from Information Disclosure


8 Minutes
Elite

COD 324 – Protecting C# from XML Injection


8 Minutes
Elite

COD 287 – Java Application Server Hardening


20 Minutes
Advanced

TST 206 – ASVS Requirements for Developers


20 Minutes
Advanced

ENG 354 – Authorizing and Monitoring System Controls within the RMF


20 Minutes
Elite

ENG 353 – Selecting, Implementing and Assessing Controls within the RMF


20 Minutes
Elite

DSO 254 – DevSecOps in the Azure Cloud


20 Minutes
Advanced

DSO 253 – DevSecOps in the AWS Cloud


20 Minutes
Advanced

DSO 205 – Securing the COTS Supply Chain


15 Minutes
Advanced

DES 306 – Creating a Secure Blockchain Network


20 Minutes
Elite

DES 305 – Protecting Existing Blockchain Assets


20 Minutes
Elite

DES 210 – Hardening Linux/Unix Systems


30 Minutes
Advanced

TST 356 – Penetration Testing for Cross-Site Scripting (XSS)


12 Minutes
Elite

TST 355 – Penetration Testing for Authorization Vulnerabilities


12 Minutes
Elite

TST 353 – Penetration Testing for SQL Injection


12 Minutes
Elite

TST 352 – Penetration Testing for Injection Vulnerabilities


12 Minutes
Elite

TST 351 – Penetration Testing for TLS Vulnerabilities


12 Minutes
Elite

TST 202 – Penetration Testing Fundamentals


25 Minutes
Advanced

DES 216 – Protecting Cloud Infrastructure (UPDATED)


40 Minutes
Advanced

COD 258 – Creating Secure PHP Web Applications


30 Minutes
Advanced

COD 251 – Defending AJAX-Enabled Web Applications


25 Minutes
Advanced

COD 309 – Securing ASP.NET MVC Applications


30 Minutes
Elite

COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks


45 Minutes
Elite

ENG 150 – Meeting Confidentiality, Integrity, and Availability


30 Minutes
Core

COD 284 – Secure Java Coding


30 Minutes
Advanced

COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes


15 Minutes
Advanced

COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications


15 Minutes
Advanced

COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data


15 Minutes
Advanced

COD 246 – PCI DSS 3: Protecting Stored Cardholder Data


15 Minutes
Advanced

SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type


15 Minutes
Elite

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool


20 Minutes
Core

ENG 194 – Implementing Microsoft SDL Line of Business


20 Minutes
Core

ENG 193 – Implementing the Microsoft SDL Optimization Model


12 Minutes
Core

ENG 192 – Implementing the Agile Microsoft SDL


20 Minutes
Core

ENG 191 – Introduction to the Microsoft SDL


25 Minutes
Core

COD 382 – Protecting Data in Java


30 Minutes
Elite

COD 381 – Preventing Path Traversal Attacks in Java


8 Minutes
Elite

COD 380 – Preventing SQL Injection in Java


8 Minutes
Elite

COD 364 – Securing HTML5 Connectivity


20 Minutes
Elite

COD 363 – Securing HTML5 Data


20 Minutes
Elite

COD 362 – HTML5 Built in Security Features


20 Minutes
Elite

COD 361 – HTML5 Secure Threats


15 Minutes
Elite

COD 322 – Protecting C# from SQL Injection


8 Minutes
Elite

COD 283 – Java Cryptography


45 Minutes
Advanced

COD 281 – Java Security Model


20 Minutes
Advanced

COD 257 – Creating Secure Python Web Applications


45 Minutes
Advanced

COD 256 – Creating Secure Code: Ruby on Rails Foundations


45 Minutes
Advanced

COD 255 – Creating Secure Code: Web API Foundations


20 Minutes
Advanced

COD 217 – Mitigating .NET Security Threats


45 Minutes
Advanced

COD 216 – Leveraging .NET Framework Code Access Security (CAS)


60 Minutes
Advanced

COD 202 – Secure C Runtime Protection


15 Minutes
Advanced

Security Innovation

  • Training
  • Services
  • Solutions
  • Resources
  • About Us
  • Let’s Talk

Offices

Headquarters – Boston, MA
187 Ballardvale Street, Suite A195
Wilmington, MA 01887

Phone: +1.877.839.7598
Sales: 1.877.839.7598 x1
Support: 1.877.839.7598 x2
Email: Support
Email: PR

Pune, India
516 World Trade Center – Tower 2
Kharadi, Pune, MH 411014
Phone: +91 820 840 1411
Email: India Sales

Seattle, WA
1511 3rd Ave #808
Seattle, WA 98101

Copyright © Security Innovation, Inc. All Rights Reserved.

Privacy Policy  |  Vulnerability Disclosure  |