| Application, Technical & Physical Access Controls |
DES 217 |
30 minutes |
| Applying OWASP 2017: Mitigating Injection |
DES 222 |
12 minutes |
| Applying OWASP 2017: Mitigating Broken Access Control |
DES 226 |
12 minutes |
| Applying OWASP 2017: Mitigating Broken Authentication |
DES 223 |
12 minutes |
| Applying OWASP 2017: Mitigating Cross Site Scripting (XSS) |
DES 228 |
12 minutes |
| Applying OWASP 2017: Mitigating Insecure Deserialization |
DES 229 |
12 minutes |
| Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities |
DES 231 |
12 minutes |
| Applying OWASP 2017: Mitigating Security Misconfiguration |
DES 227 |
12 minutes |
| Applying OWASP 2017: Mitigating Sensitive Data Exposure |
DES 224 |
12 minutes |
| Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities |
DES 230 |
12 minutes |
| Applying OWASP 2017: Mitigating XML External Entities |
DES 225 |
12 minutes |
| Architecture Risk Analysis & Remediation |
DES 212 |
60 minutes |
| COD 316 Creating Secure iOS Code in Objective C |
COD 316 |
30 minutes |
| COD 317 – Creating Secure iOS Code in Swift |
COD 317 |
90 minutes |
| COD 318 – Creating Secure Android Code in Java |
COD 318 |
90 minutes |
| COD 321 – Protecting C# from Integer Overflows & Canonicalization |
COD 321 |
30 minutes |
| COD 322 – Protecting C# from SQL & XML Injection |
COD 322 |
35 minutes |
| COD 323 – Protecting Data in C# |
COD 323 |
25 minutes |
| COD 352 – Creating Secure jQuery Code |
COD 352 |
90 minutes |
| COD 361 – HTML5 Secure Threats |
COD 361 |
15 minutes |
| COD 362 – HTML5 Built in Security Features |
COD 362 |
20 minutes |
| COD 380 – Protecting Java Code: SQLi & Integer Overflows |
COD 380 |
10 minutes |
| COD 381 – Protecting Java Code: Canonicalization, Information Disclosure and TOCTOU |
COD 381 |
25 minutes |
| COD 382 – Protecting Data in Java |
COD 382 |
30 minutes |
| Common C Vulnerabilities & Attacks |
COD 303 |
20 minutes |
| Communication Security in C++ |
COD 207 |
15 minutes |
| Creating Secure AJAX Code – ASP.NET Foundations |
COD 251 |
90 minutes |
| Creating Secure AJAX Code – Java Foundations |
COD 252 |
35 minutes |
| Creating Secure Application Architecture |
DES 311 |
120 minutes |
| Creating Secure AWS Cloud Applications |
COD 253 |
60 minutes |
| Creating Secure Azure Applications |
COD 254 |
90 minutes |
| Creating Secure C++ Code |
COD 206 |
15 minutes |
| Creating Secure COBOL & Mainframe Applications |
COD 270 |
25 minutes |
| Creating Secure Code – SAP ABAP Foundations |
COD 219 |
90 minutes |
| Creating Secure Code – Web API Foundations |
COD 255 |
120 minutes |
| Creating Secure Code -Ruby on Rails Foundations |
COD 256 |
90 minutes |
| Creating Secure Code ASP.NET MVC Applications |
COD 311 |
90 minutes |
| Creating Secure Oracle DB Applications |
COD 241 |
45 minutes |
| Creating Secure Over the Air (OTA) Updates |
DES 252 |
90 minutes |
| Creating Secure PHP Code |
COD 315 |
120 minutes |
| Creating Secure Python Web Applications |
COD 257 |
45 minutes |
| Creating Secure SQL Server & Azure SQL DB Applications |
COD 242 |
40 minutes |
| Cryptographic Components: Randomness, Algorithms, and Key Management |
DES 203 |
15 minutes |
| Cryptographic Suite Services: Encoding, Encrypting & Hashing |
DES 202 |
45 minutes |
| Defending Mobile App Code |
COD 237 |
20 minutes |
| Defending Mobile Data with Cryptography |
COD 235 |
20 minutes |
| Email Security |
AWA 010 |
10 minutes |
| ENG 126 – Essential Security Maintenance Policies |
ENG 126 |
15 minutes |
| ENG 127 – Essential Media Protection |
ENG 127 |
15 minutes |
| ENG 191 – Introduction to the Microsoft SDL |
ENG 191 |
12 minutes |
| ENG 192- Implementing the Agile Microsoft SDL |
ENG 192 |
20 minutes |
| ENG 193 – Implementing the Microsoft SDL Optimization Model |
ENG 193 |
25 minutes |
| ENG 194 – Implementing Microsoft SDL Line of Business |
ENG 194 |
20 minutes |
| ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool |
ENG 195 |
20 minutes |
| ENG 205 – Fundamentals of Threat Modeling |
ENG 205 |
60 minutes |
| ENG 211 – How to Create Application Security Design Requirements |
ENG 211 |
60 minutes |
| ENG 311 – Attack Surface Analysis & Reduction |
ENG 311 |
60 minutes |
| ENG 312 – How to Perform a Security Code Review |
ENG 312 |
60 minutes |
| Essential Access Control for Mobile Devices |
ENG 112 |
15 minutes |
| Essential Account Management Securitiy |
ENG 110 |
15 minutes |
| Essential Application Protection |
ENG 124 |
15 minutes |
| Essential Data Protection |
ENG 125 |
15 minutes |
| Essential Identification & Authentication |
ENG 121 |
15 minutes |
| Essential Incidence Response |
ENG 118 |
15 minutes |
| Essential Information Security Program Planning |
ENG 117 |
15 minutes |
| Essential Physical & Environmental Protection |
ENG 122 |
15 minutes |
| Essential Risk Assessment |
ENG 114 |
15 minutes |
| Essential Secure Configuration Management |
ENG 113 |
15 minutes |
| Essential Security Assessment & Authorization |
ENG 120 |
15 minutes |
| Essential Security Audit & Accountability |
ENG 119 |
15 minutes |
| Essential Security Engineering Principles |
ENG 123 |
15 minutes |
| Essential Security Planning Policy & Procedures |
ENG 116 |
15 minutes |
| Essential Session Management Security |
ENG 111 |
15 minutes |
| Essential System & Information Integrity |
ENG 115 |
15 minutes |
| Fundamentals of Application Security |
AWA 101 |
60 minutes |
| Fundamentals of IoT Architecture & Design |
DES 260 |
30 minutes |
| Fundamentals of Secure Ajax Code |
COD 153 |
35 minutes |
| Fundamentals of Secure Architecture |
DES 101 |
60 minutes |
| Fundamentals of Secure Cloud Development |
COD 152 |
30 minutes |
| Fundamentals of Secure Database Development |
COD 141 |
110 minutes |
| Fundamentals of Secure Development |
COD 101 |
60 minutes |
| Fundamentals of Secure Embedded Software Development |
COD 160 |
90 minutes |
| Fundamentals of Secure Mobile Development |
COD 110 |
60 minutes |
| Fundamentals of Secure Scripting |
COD 262 |
30 minutes |
| Identifying Threats to Mainframe COBOL Applications & Data |
COD 170 |
20 minutes |
| Information Privacy – Classifying Data |
AWA 008 |
15 minutes |
| Information Privacy – Protecting Data |
AWA 009 |
20 minutes |
| Information Privacy & Security Awareness for Executives |
AWA 007 |
50 minutes |
| Insecure IoT Authentication & Authorization |
COD 226 |
10 minutes |
| Insecure IoT Communications |
COD 228 |
10 minutes |
| Insecure IoT Firmware |
COD 230 |
10 minutes |
| Insecure IoT Mobile Interface |
COD 229 |
10 minutes |
| Insecure IoT Network Services |
COD 227 |
10 minutes |
| Insecure IoT Web Interfaces |
COD 225 |
10 minutes |
| Java Authentication & Authorization |
COD 282 |
20 minutes |
| Java Cryptography |
COD 283 |
30 minutes |
| Java Security Model |
COD 281 |
20 minutes |
| Leveraging .NET Framework Code Access Security (CAS) |
COD 216 |
30 minutes |
| Malware Awareness |
AWA 012 |
10 minutes |
| Message Integrity Cryptographic Functions |
DES 205 |
45 minutes |
| Mitigating .NET Security Threats |
COD 217 |
50 minutes |
| Mobile App Authentication & Authorization |
COD 236 |
20 minutes |
| Mobile Security |
AWA 013 |
10 minutes |
| Mobile Threats & Mitigations |
COD 234 |
20 minutes |
| Node.js Threats & Vulnerabilities |
COD 259 |
30 minutes |
| Password Security |
AWA 014 |
7 minutes |
| PCI Compliance |
AWA 015 |
17 minutes |
| PCI DSS v3.2 Best Practices for Developers |
COD 222 |
60 minutes |
| Phishing Awareness |
AWA 016 |
15 minutes |
| Physical Security |
AWA 017 |
10 minutes |
| Protecting Data in C++ |
COD 307 |
25 minutes |
| Protecting Sensitive Data while Scripting |
COD 264 |
30 minutes |
| Role of Cryptography in Application Development |
DES 204 |
15 minutes |
| Secure C Buffer Overflow Mitigations |
COD 301 |
45 minutes |
| Secure C Encrypted Network Communications |
COD 201 |
15 minutes |
| Secure C Memory Management |
COD 302 |
30 minutes |
| Secure C Runtime Protection |
COD 201 |
15 minutes |
| Secure Scripting with Perl, Python, Bash and Ruby |
COD 263 |
30 minutes |
| Secure Software Concepts |
AWA 102 |
30 minutes |
| Securing Cloud Instances |
DES 216 |
30 minutes |
| Securing HTML5 Connectivity |
COD 364 |
20 minutes |
| Securing HTML5 Data |
COD 363 |
20 minutes |
| Securing Network Access |
DES 214 |
30 minutes |
| Securing Operating System Access |
DES 215 |
30 minutes |
| Social Engineering Awareness |
AWA 018 |
10 minutes |
| Threats to Scripts |
COD 261 |
30 minutes |
| Travel Security |
AWA 019 |
10 minutes |
| TST 101 – Fundamentals of Security Testing |
TST 101 |
120 minutes |
| TST 222 – Testing for OWASP 2017: Injection |
TST 222 |
15 minutes |
| TST 223 – Testing for OWASP 2017: Broken Authentication |
TST 223 |
12 minutes |
| TST 224 – Testing for OWASP 2017: Sensitive Data Exposure |
TST 224 |
12 minutes |
| TST 225 – Testing for OWASP 2017: XML External Entities |
TST 225 |
10 minutes |
| TST 226 – Testing for OWASP 2017: Broken Access Control |
TST 226 |
10 minutes |
| TST 227 – Testing for OWASP 2017: Security Misconfiguration |
TST 227 |
10 minutes |
| TST 228 – Testing for OWASP 2017: Cross Site Scripting (XSS) |
TST 228 |
15 minutes |
| TST 229 – Testing for OWASP 2017: Insecure Deserialization |
TST 229 |
10 minutes |
| TST 230 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities |
TST 230 |
10 minutes |
| TST 231 – Testing for OWASP 2017: Insufficient Logging & Monitoring |
TST 231 |
10 minutes |
| TST 251 – Testing for SQL Injection (CWE-89) |
TST 251 |
15 minutes |
| TST 252 – Testing for OS Command Injection (CWE-78) |
TST 252 |
15 minutes |
| TST 253 – Testing for Classic Buffer Overflow (CWE-120) |
TST 253 |
15 minutes |
| TST 254 – Testing for Cross-site Scripting (CWE-79) |
TST 254 |
15 minutes |
| TST 255 – Testing for Missing Authentication for Critical Function (CWE-306) |
TST 255 |
10 minutes |
| TST 256 – Testing for Missing Authorization (CWE-862) |
TST 256 |
15 minutes |
| TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798) |
TST 257 |
15 minutes |
| TST 258 – Testing for Missing Encryption of Sensitive Data (CWE-311) |
TST 258 |
15 minutes |
| TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434) |
TST 259 |
15 minutes |
| TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807) |
TST 260 |
15 minutes |
| TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250) |
TST 261 |
15 minutes |
| TST 262 – Testing for Cross Site Request Forgery (CSRF): CWE-352 |
TST 262 |
15 minutes |
| TST 263 – Testing for Path Traversal (CWE-22) |
TST 263 |
15 minutes |
| TST 264 – Testing for Download of Code without Integrity Check (CWE-494) |
TST 264 |
15 minutes |
| TST 265 – Testing for Incorrect Authorization (CWE-863) |
TST 265 |
15 minutes |
| TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829) |
TST 266 |
15 minutes |
| TST 267 – Testing or Incorrect Permission Assignment for Critical Resource (CWE-732) |
TST 267 |
15 minutes |
| TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676) |
TST 268 |
15 minutes |
| TST 269 – Testing or Use of a Broken or Risky Cryptographic Algorithm (CWE-327) |
TST 269 |
15 minutes |
| TST 270 – Testing for Incorrect Calculation of Buffer Size (CWE-131) |
TST 270 |
15 minutes |
| TST 271 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307) |
TST 271 |
15 minutes |
| TST 272 – Testing for Open Redirect (CWE-601) |
TST 272 |
15 minutes |
| TST 273 – Testing for Uncontrolled Format String (CWE-134) |
TST 273 |
15 minutes |
| TST 274 – Testing or Integer Overflow or Wraparound (CWE-190) |
TST 274 |
15 minutes |
| TST 275 – Testing for Use of a One-way Hash without a Salt (CWE-759) |
TST 275 |
15 minutes |