Close
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Environments & Modes
Reporting
Customer Success
Get Started
SI-CSC Certification
Try it
|
Take the AppSec Challenge
Services
Overview
Software Penetration Testing
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Plans
Resources
Ed TALKS
White Papers, Tipsheets, & Case Studies
Webinars
About Us
Company Overview
20 Years of Innovation
Diversity, Equity & Inclusion
Leadership
Careers
News & Events
Contact
Let’s Talk
Request a Demo
We’re Hiring
Blog
Course Catalog
Request a Demo
We’re Hiring
Blog
Course Catalog
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Environments & Modes
Reporting
Customer Success
Get Started
SI-CSC Certification
Try it
|
Take the AppSec Challenge
Services
Overview
Software Penetration Testing
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Plans
Resources
Ed TALKS
White Papers, Tipsheets, & Case Studies
Webinars
About Us
Company Overview
20 Years of Innovation
Diversity, Equity & Inclusion
Leadership
Careers
News & Events
Contact
Let’s Talk
Course Catalog
/
Subject
/
Technology
Technology
View All Courses
Download Course Catalog
API 210 – Mitigating APIs Lack of Resources & Rate Limiting
15 Minutes
Advanced
API 213 – Mitigating APIs Mass Assignment
15 Minutes
Advanced
API 214 – Mitigating APIs Improper Asset Management
15 Minutes
Advanced
API 250 – Controlling Access to the Kubernetes API
20 Minutes
Advanced
API 251 – Implementing Web Application and API Protection (WAAP)
35 Minutes
Advanced
COD 110 – Fundamentals of Secure Mobile Development
45 Minutes
Core
COD 141 – Fundamentals of Database Security
30 Minutes
Core
COD 160 – Fundamentals of Secure Embedded Software Development
45 Minutes
Core
COD 201 – Secure C Encrypted Network Communications
15 Minutes
Advanced
COD 202 – Secure C Runtime Protection
15 Minutes
Advanced
COD 206 – Creating Secure C++ Code
15 Minutes
Advanced
COD 207 – Communication Security in C++
15 Minutes
Advanced
COD 214 – Creating Secure GO Applications
30 Minutes
Advanced
COD 215 – Mitigating .NET Application Vulnerabilities (NEW)
25 Minutes
Advanced
COD 219 – Creating Secure Code: SAP ABAP Foundations
90 Minutes
Advanced
COD 251 – Defending AJAX-Enabled Web Applications
25 Minutes
Elective
COD 254 – Creating Secure Azure Applications
45 Minutes
Advanced
COD 255 – Creating Secure Code: Web API Foundations
20 Minutes
Elective
COD 256 – Creating Secure Ruby on Rails Foundations
45 Minutes
Advanced
COD 257 – Creating Secure Python Web Applications
45 Minutes
Advanced
COD 258 – Creating Secure PHP Web Applications
30 Minutes
Advanced
COD 259 – Node.js Threats & Vulnerabilities
30 Minutes
Advanced
COD 261 – Threats to Scripts
30 Minutes
Advanced
COD 262 – Fundamentals of Shell and Interpreted Language Security
30 Minutes
Advanced
COD 263 – Secure Bash Scripting
15 Minutes
Advanced
COD 264 – Secure Perl Scripting
15 Minutes
Advanced
COD 265 – Secure Python Scripting
15 Minutes
Advanced
COD 266 – Secure Ruby Scripting
15 Minutes
Advanced
COD 267 – Securing Python Microservices
30 Minutes
Advanced
COD 283 – Java Cryptography
45 Minutes
Advanced
COD 284 – Secure Java Coding
30 Minutes
Advanced
COD 285 – Developing Secure Angular Applications
30 Minutes
Advanced
COD 286 – Creating Secure React User Interfaces
10 Minutes
Advanced
COD 287 – Java Application Server Hardening
20 Minutes
Advanced
COD 288 – Java Public Key Cryptography
20 Minutes
Advanced
COD 301 – Secure C Buffer Overflow Mitigations
45 Minutes
Elite
COD 302 – Secure C Memory Management
20 Minutes
Elite
COD 303 – Common C Vulnerabilities & Attacks
20 Minutes
Elite
COD 307 – Protecting Data in C++
25 Minutes
Elite
COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks
45 Minutes
Elite
COD 309 – Securing ASP.NET MVC Applications (UPDATED)
20 Minutes
Advanced
COD 315 – Preventing Vulnerabilities in iOS Code in Swift
20 Minutes
Elite
COD 316 – Creating Secure iOS Code in Objective C
30 Minutes
Elite
COD 317 – Protecting Data on iOS in Swift
20 Minutes
Elite
COD 318 – Protecting Data on Android in Java (UPDATED)
30 Minutes
Elite
COD 319 – Preventing Vulnerabilities in Android Code in Java (UPDATED)
30 Minutes
Elite
COD 321 – Protecting C# from Integer Overflows & Canonicalization
30 Minutes
Elite
COD 322 – Protecting C# from SQL Injection
8 Minutes
Elite
COD 323 – Using Encryption with C#
20 Minutes
Elite
COD 324 – Protecting C# from XML Injection
8 Minutes
Elite
COD 352 – Creating Secure JavaScript and jQuery Code
45 Minutes
Elite
COD 361 – HTML5 Secure Threats
15 Minutes
Elite
COD 362 – HTML5 Built in Security Features
20 Minutes
Elite
COD 363 – Securing HTML5 Data
20 Minutes
Elite
COD 364 – Securing HTML5 Connectivity
20 Minutes
Elite
COD 366 – Creating Secure Kotlin Applications
20 Minutes
Elite
COD 380 – Preventing SQL Injection in Java
8 Minutes
Elite
COD 381 – Preventing Path Traversal Attacks in Java
8 Minutes
Elite
COD 382 – Protecting Data in Java
30 Minutes
Elite
COD 383 – Protecting Java Backend Services
30 Minutes
Elite
COD 384 – Protecting Java from Information Disclosure
8 Minutes
Elite
COD 385 – Preventing Race Conditions in Java Code
8 Minutes
Elite
COD 386 – Preventing Integer Overflows in Java Code
8 Minutes
Elite
CYB 213 – Generative AI Privacy & Cybersecurity Risk (NEW)
30 Minutes
Advanced
CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT
40 Minutes
Elite
CYB 311 – Threat Analysis with AI
20 Minutes
Elite
DES 207 – Mitigating OWASP API Security Top 10
15 Minutes
Advanced
DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing
15 Minutes
Advanced
DES 216 – Protecting Cloud Infrastructure
40 Minutes
Advanced
DES 218 – Protecting Microservices, Containers, and Orchestration
30 Minutes
Advanced
DES 219 – Securing Google’s Firebase Platform
60 Minutes
Advanced
DES 232 – Mitigating OWASP 2021 Injection
12 Minutes
Advanced
DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures
12 Minutes
Advanced
DES 234 – Mitigating OWASP 2021 Cryptographic Failures
12 Minutes
Advanced
DES 235 – Mitigating OWASP 2021 Insecure Design
12 Minutes
Advanced
DES 236 – Mitigating OWASP 2021 Broken Access Control
12 Minutes
Advanced
DES 237 – Mitigating OWASP 2021 Security Misconfiguration
12 Minutes
Advanced
DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)
12 Minutes
Advanced
DES 239 – Mitigating OWASP 2021 Software and Data Integrity Failures
12 Minutes
Advanced
DES 240 – Mitigating OWASP 2021 Vulnerable and Outdated Components
12 Minutes
Advanced
DES 241 – Mitigating OWASP 2021 Security Logging and Monitoring Failures
12 Minutes
Advanced
DES 261 – Securing Serverless Environments
20 Minutes
Advanced
DES 262 – Securing Enterprise Low-Code Applications Platforms
20 Minutes
Advanced
DES 271 – OWASP M1: Mitigating Improper Platform Usage
12 Minutes
Advanced
DES 272 – OWASP M2: Mitigating Insecure Data Storage
12 Minutes
Advanced
DES 273 – OWASP M3: Mitigating Insecure Communication
12 Minutes
Advanced
DES 274 – OWASP M4: Mitigating Insecure Authentication
12 Minutes
Advanced
DES 275 – OWASP M5: Mitigating Insufficient Cryptography
12 Minutes
Advanced
DES 276 – OWASP M6: Mitigating Insecure Authorization
12 Minutes
Advanced
DES 277 – OWASP M7: Mitigating Client Code Quality
12 Minutes
Advanced
DES 278 – OWASP M8: Mitigating Code Tampering
12 Minutes
Advanced
DES 279 – OWASP M9: Mitigating Reverse Engineering
12 Minutes
Advanced
DES 280 – OWASP M10: Mitigating Extraneous Functionality
12 Minutes
Advanced
DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces
12 Minutes
Elective
DES 305 – Protecting Existing Blockchain Assets
20 Minutes
Elite
DES 306 – Creating a Secure Blockchain Network
20 Minutes
Elite
DES 313 – Hardening a Kubernetes Cluster
20 Minutes
Elite
DES 314 – Hardening the Docker Engine
15 Minutes
Elite
DES 361 – Mitigating LCNC (Low-Code/No-Code) Account Impersonation
20 Minutes
Elite
DES 362 – Mitigating LCNC (Low-Code/No-Code) Authorization Misuse
20 Minutes
Elite
DSO 206 – Securing the Open Source Supply Chain
15 Minutes
Advanced
DSO 253 – DevSecOps in the AWS Cloud
20 Minutes
Advanced
DSO 254 – DevSecOps in the Azure Cloud
20 Minutes
Advanced
DSO 301 – Orchestrating Secure System and Service Configuration
20 Minutes
Elite
DSO 304 – Securing API Gateways in a DevSecOps Framework
20 Minutes
Elite
ENG 112 – Essential Access Control for Mobile Devices
15 Minutes
Core
ENG 211 – How to Create Application Security Design Requirements
15 Minutes
Advanced
ENG 311 – Attack Surface Analysis & Reduction
25 Minutes
Elite
ENG 320 – Using Software Composition Analysis (SCA) to Secure Open-Source Components
20 Minutes
Elite
LAB 122 – Identifying Insecure APIs
5 Minutes
Advanced
LAB 123 – Identifying Vertical Privilege Escalation
5 Minutes
Advanced
LAB 201 – Defending Java Applications Against Canonicalization (NEW)
5 Minutes
Advanced
LAB 202 – Defending Python Applications Against Canonicalization (NEW)
5 Minutes
Advanced
LAB 203 – Defending C# Applications Against Canonicalization (NEW)
5 Minutes
Advanced
LAB 204 – Defending Node.js Applications Against Canonicalization (NEW)
5 Minutes
Advanced
LAB 205 – Defending Java Applications Against XPath Injection (NEW)
5 Minutes
Advanced
LAB 206 – Defending Python Applications Against XPath Injection (NEW)
5 Minutes
Advanced
LAB 207 – Defending Node.js Applications Against XPath Injection (NEW)
5 Minutes
Advanced
LAB 208 – Defending C# Applications Against XPath Injection (NEW)
5 Minutes
Advanced
LAB 211 – Defending Java Applications Against Credentials in Code Medium
10 Minutes
Advanced
LAB 212 – Defending Python Applications Against Credentials in Code Medium
10 Minutes
Advanced
LAB 213 – Defending Node.js Applications Against Credentials in Code Medium
10 Minutes
Advanced
LAB 214 – Defending C# Applications Against Credentials in Code Medium
10 Minutes
Advanced
LAB 215 – Defending Java Applications Against Business Logic Error for Input Validation
10 Minutes
Advanced
LAB 216 – Defending Python Applications Against Business Logic Error for Input Validation
10 Minutes
Advanced
LAB 217 – Defending Node.js Applications Against Business Logic Error for Input Validation
10 Minutes
Advanced
LAB 218 – Defending C# Applications Against Business Logic Error for Input Validation
10 Minutes
Advanced
LAB 221 – Defending C# Applications Against SQL Injection
10 Minutes
Advanced
LAB 222 – Defending Python Applications Against SQL Injection
10 Minutes
Advanced
LAB 223 – Defending Node.js Applications Against SQL Injection
10 Minutes
Advanced
LAB 224 – Defending Java Applications Against Forceful Browsing
10 Minutes
Advanced
LAB 225 – Defending Python Applications Against Forceful Browsing
10 Minutes
Advanced
LAB 226 – Defending Node.js Applications Against Forceful Browsing
10 Minutes
Advanced
LAB 227 – Defending C# Applications Against Forceful Browsing
10 Minutes
Advanced
LAB 228 – Defending Java Applications Against Weak AES ECB Mode Encryption
10 Minutes
Advanced
LAB 229 – Defending Java Applications Against Weak PRNG
10 Minutes
Advanced
LAB 230 – Defending Java Applications Against XSS
15 Minutes
Advanced
LAB 231 – Defending Python Applications Against XSS
15 Minutes
Advanced
LAB 232 – Defending C# Applications Against XSS
15 Minutes
Advanced
LAB 233 – Defending Node.js Applications Against XSS
15 Minutes
Advanced
LAB 234 – Defending Java Applications Against Parameter Tampering
10 Minutes
Advanced
LAB 235 – Defending Java Applications Against Plaintext Password Storage
10 Minutes
Advanced
LAB 236 – Defending Java Applications Against Sensitive Information in Error Messages
10 Minutes
Advanced
LAB 237 – Defending Java Applications Against SQL Injection
20 Minutes
Advanced
LAB 238 – Defending C# Applications Against Weak AES ECB Mode Encryption
10 Minutes
Advanced
LAB 239 – Defending C# Applications Against Weak PRNG
10 Minutes
Advanced
LAB 240 – Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities
10 Minutes
Advanced
LAB 241 – Defending C# Applications Against eXternal XML Entity (XXE) Vulnerabilities
10 Minutes
Advanced
LAB 242 – Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities
10 Minutes
Advanced
LAB 243 – Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities
10 Minutes
Advanced
LAB 244 – Defending Java Applications Against Security Misconfiguration
12 Minutes
Advanced
LAB 245 – Defending Node.js Applications Against Plaintext Password Storage
10 Minutes
Advanced
LAB 246 – Defending Node.js Applications Against Weak AES ECB Mode Encryption
10 Minutes
Advanced
LAB 247 – Defending Node.js Applications Against Weak PRNG
10 Minutes
Advanced
LAB 248 – Defending Node.js Applications Against Parameter Tampering
10 Minutes
Advanced
LAB 249 – Defending Python Applications Against Plaintext Password Storage
10 Minutes
Advanced
LAB 250 – Defending C# Applications Against Parameter Tampering
10 Minutes
Advanced
LAB 251 – Defending C# Applications Against Plaintext Password Storage
10 Minutes
Advanced
LAB 252 – Defending Python Applications Against Weak AES ECB Mode Encryption
10 Minutes
Advanced
LAB 253 – Defending Python Applications Against Weak PRNG
10 Minutes
Advanced
LAB 254 – Defending Python Applications Against Parameter Tampering
10 Minutes
Advanced
LAB 260 – Defending C# Applications Against Sensitive Information in Error Messages
10 Minutes
Advanced
LAB 261 – Defending Python Applications Against Sensitive Information in Error Messages
10 Minutes
Advanced
LAB 262 – Defending Node.js Applications Against Sensitive Information in Error Messages
10 Minutes
Advanced
LAB 263 – Defending Java Applications Against Sensitive Information in Log Files
10 Minutes
Advanced
LAB 264 – Defending Python Applications Against Sensitive Information in Log Files
10 Minutes
Advanced
LAB 265 – Defending Node.js Applications Against Sensitive Information in Log Files
10 Minutes
Advanced
LAB 266 – Defending C# Applications Against Sensitive Information in Log Files
10 Minutes
Advanced
LAB 267 – Defending Java Applications Against Deserialization of Untrusted Data
10 Minutes
Advanced
LAB 268 – Defending Python Applications Against Deserialization of Untrusted Data
10 Minutes
Advanced
LAB 269 – Defending Node.js Applications Against Deserialization of Untrusted Data
10 Minutes
Advanced
LAB 270 – Defending C# Applications Against Deserialization of Untrusted Data
10 Minutes
Advanced
LAB 271 – Defending Java Applications Against SSRF
10 Minutes
Advanced
LAB 272 – Defending Python Applications Against SSRF
10 Minutes
Advanced
LAB 273 – Defending Node.js Applications Against SSRF
10 Minutes
Advanced
LAB 274 – Defending C# Applications Against SSRF
10 Minutes
Advanced
LAB 275 – Defending Java Applications Against Command Injection
10 Minutes
Advanced
LAB 276 – Defending Python Applications Against Command Injection
10 Minutes
Advanced
LAB 277 – Defending Node.js Applications Against Command Injection
10 Minutes
Advanced
LAB 278 – Defending C# Applications Against Command Injection
10 Minutes
Advanced
LAB 279 – Defending Java Applications Against Dangerous File Upload
10 Minutes
Advanced
LAB 280 – Defending Python Applications Against Dangerous File Upload
10 Minutes
Advanced
LAB 281 – Defending Node.js Applications Against Dangerous File Upload
10 Minutes
Advanced
LAB 282 – Defending C# Applications Against Dangerous File Upload
10 Minutes
Advanced
LAB 283 – Defending Java Applications Against RegEx DoS
10 Minutes
Advanced
LAB 284 – Defending Python Applications Against RegEx DoS
10 Minutes
Advanced
LAB 285 – Defending Node.js Applications Against RegEx DoS
10 Minutes
Advanced
LAB 286 – Defending C# Applications Against RegEx DoS
10 Minutes
Advanced
LAB 287 – Defending Java Applications Against Null Pointer Dereference
10 Minutes
Advanced
LAB 288 – Defending C# Applications Against Null Pointer Dereference
10 Minutes
Advanced
LAB 289 – Defending Java Applications Against Path Traversal
10 Minutes
Advanced
LAB 290 – Defending Python Applications Against Path Traversal
10 Minutes
Advanced
LAB 291 – Defending Node.js Applications Against Path Traversal
10 Minutes
Advanced
LAB 292 – Defending C# Applications Against Path Traversal
10 Minutes
Advanced
LAB 293 – Defending Java Applications Against Integer Overflow
10 Minutes
Advanced
LAB 294 – Defending C# Applications Against Integer Overflow
10 Minutes
Advanced
LAB 315 – ATT&CK: Updating Vulnerable Java Web Application Server Software
12 Minutes
Elite
LAB 323 – ATT&CK: Exploiting Vulnerable Java Web Application Server Software
12 Minutes
Elite
LAB 324 – ATT&CK: Exploiting Java Web Application Server Misconfiguration
12 Minutes
Elite
LAB 330 – ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes
15 Minutes
Elite
SDT 301 – Testing for Injection
10 Minutes
Elite
SDT 302 – Testing for Identification and Authentication Failures
10 Minutes
Elite
SDT 303 – Testing for Cryptographic Failures
10 Minutes
Elite
SDT 304 – Testing for Insecure Design
10 Minutes
Elite
SDT 305 – Testing for Broken Access Control
10 Minutes
Elite
SDT 306 – Testing for Security Misconfiguration
10 Minutes
Elite
SDT 307 – Testing for Server-Side Request Forgery (SSRF)
10 Minutes
Elite
SDT 308 – Testing for Software and Data Integrity Failures
10 Minutes
Elite
SDT 309 – Testing for Vulnerable and Outdated Components
10 Minutes
Elite
SDT 310 – Testing for Security Logging and Monitoring Failures
10 Minutes
Elite
SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
15 Minutes
Elite
TST 206 – ASVS Requirements for Developers
20 Minutes
Advanced