Course Catalog / Full List

Back to Course Catalog

The Courses

Course Title Course # Course Duration
ATK 201 – Using the MITRE ATT&CK Framework ATK 201 15 minutes
AWA 101 – Fundamentals of Application Security AWA 101 30 minutes
AWA 102 – Secure Software Concepts AWA 102 30 minutes
COD 102 – The Role of Software Security COD 102 10 minutes
COD 103 – Creating Software Security Requirements COD 103 10 minutes
COD 104 – Designing Secure Software COD 104 15 minutes
COD 105 – Secure Software Development COD 105 20 minutes
COD 106 – The Importance of Software Integration and Testing COD 106 15 minutes
COD 107 – Secure Software Deployment COD 107 10 minutes
COD 108 – Software Operations and Maintenance COD 108 10 minutes
COD 110 – Fundamentals of Secure Mobile Development COD 110 45 minutes
COD 141 – Fundamentals of Database Security COD 141 30 minutes
COD 152 – Fundamentals of Secure Cloud Development COD 152 20 minutes
COD 160 -Fundamentals of Secure Embedded Software Development COD 160 45 minutes
COD 170 – Identifying Threats to Mainframe COBOL Applications & Data COD 170 20 minutes
COD 201 – Secure C Encrypted Network Communications COD 201 15 minutes
COD 202 – Secure C Runtime Protection COD 202 15 minutes
COD 206 – Creating Secure C++ Code COD 206 15 minutes
COD 207 – Communication Security in C++ COD 207 15 minutes
COD 214 – Creating Secure GO Applications COD 214 30 minutes
COD 216 – Leveraging .NET Framework Code Access Security (CAS) COD 216 30 minutes
COD 217 – Mitigating .NET Security Threats COD 217 45 minutes
COD 219 – Creating Secure Code: SAP ABAP Foundations COD 219 90 minutes
COD 241 – Creating Secure Oracle DB Applications COD 241 45 minutes
COD 242 – Creating Secure SQL Server & Azure SQL DB Applications COD 242 40 minutes
COD 246 – PCI DSS 3: Protecting Stored Cardholder Data COD 246 15 minutes
COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data COD 247 15 minutes
COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications COD 248 15 minutes
COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes COD 249 15 minutes
COD 251 – Defending AJAX-Enabled Web Applications COD 251 25 minutes
COD 252 – Securing Google Platform Applications & Data COD 252 25 minutes
COD 253 – Creating Secure AWS Cloud Applications COD 253 45 minutes
COD 254 – Creating Secure Azure Applications COD 254 45 minutes
COD 255 – Creating Secure Code: Web API Foundations COD 255 20 minutes
COD 256 – Creating Secure Code: Ruby on Rails Foundations COD 256 45 minutes
COD 257 – Creating Secure Python Web Applications COD 257 45 minutes
COD 258 – Creating Secure PHP Web Applications COD 258 30 minutes
COD 259 – Node.js Threats & Vulnerabilities COD 259 30 minutes
COD 261 – Threats to Scripts COD 261 30 minutes
COD 262 – Fundamentals of Shell and Interpreted Language Security COD 262 30 minutes
COD 263 – Secure Bash Scripting COD 263 15 minutes
COD 264 – Secure Perl Scripting COD 264 15 minutes
COD 265 – Secure Python Scripting COD 265 15 minutes
COD 266 – Secure Ruby Scripting COD 266 15 minutes
COD 267 – Securing Python Microservices COD 267 30 minutes
COD 270 – Creating Secure COBOL & Mainframe Applications COD 270 25 minutes
COD 281 – Java Security Model COD 281 20 minutes
COD 283 – Java Cryptography COD 283 45 minutes
COD 284 – Secure Java Coding COD 284 30 minutes
COD 285 – Developing Secure Angular Applications COD 285 30 minutes
COD 286 – Creating Secure React User Interfaces COD 286 10 minutes
COD 287 – Java Application Server Hardening COD 287 20 minutes
COD 301 – Secure C Buffer Overflow Mitigations COD 301 45 minutes
COD 302 -Secure C Memory Management COD 302 20 minutes
COD 303 – Common C Vulnerabilities & Attacks COD 303 20 minutes
COD 307 – Protecting Data in C++ COD 307 25 minutes
COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks COD 308 45 minutes
COD 309 – Securing ASP.NET MVC Applications COD 309 30 minutes
COD 315 – Preventing Vulnerabilities in iOS Code in Swift COD 315 20 minutes
COD 316 – Creating Secure iOS Code in Objective C COD 316 30 minutes
COD 317 – Protecting Data on iOS in Swift COD 317 20 minutes
COD 318 – Protecting Data on Android in Java COD 318 20 minutes
COD 319 – Preventing Vulnerabilities in Android Code in Java COD 319 20 minutes
COD 321 – Protecting C# from Integer Overflows & Canonicalization COD 321 30 minutes
COD 322 – Protecting C# from SQL Injection COD 322 8 minutes
COD 323 – Using Encryption with C# COD 323 20 minutes
COD 324 – Protecting C# from XML Injection COD 324 8 minutes
COD 352 – Creating Secure JavaScript and jQuery Code COD 352 45 minutes
COD 361 – HTML5 Secure Threats COD 361 15 minutes
COD 362 – HTML5 Built in Security Features COD 362 20 minutes
COD 363- Securing HTML5 Data COD 363 20 minutes
COD 364 – Securing HTML5 Connectivity COD 364 20 minutes
COD 366 – Creating Secure Kotlin Applications COD 366 20 minutes
COD 370- Testing for OWASP 2017: Injection COD 370 15 minutes
COD 371 – Testing for OWASP 2017: Broken Authentication COD 371 12 minutes
COD 372 – Testing for OWASP 2017: Sensitive Data Exposure COD 372 12 minutes
COD 373 – Testing for OWASP 2017: XML External Entities COD 373 10 minutes
COD 374 – Testing for OWASP 2017: Broken Access Control COD 374 10 minutes
COD 375 – Testing for OWASP 2017: Security Misconfiguration COD 375 10 minutes
COD 376 – Testing for OWASP 2017: Cross Site Scripting (XSS) COD 376 15 minutes
COD 377 – Testing for OWASP 2017: Insecure Deserialization COD 377 10 minutes
COD 378 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities COD 378 10 minutes
COD 379 – Testing for OWASP 2017: Insufficient Logging & Monitoring COD 379 10 minutes
COD 380 – Preventing SQL Injection in Java COD 380 8 minutes
COD 381 – Preventing Path Traversal Attacks in Java COD 381 8 minutes
COD 382 – Protecting Data in Java COD 382 30 minutes
COD 383 – Protecting Java Backend Services COD 383 30 minutes
COD 384 – Protecting Java from Information Disclosure COD 384 8 minutes
COD 385 – Preventing Race Conditions in Java Code COD 385 8 minutes
COD 386 – Preventing Integer Overflows in Java Code COD 386 8 minutes
CYB 301 – Fundamentals of Ethical Hacking CYB 301 15 minutes
DES 101 – Fundamentals of Secure Architecture DES 101 20 minutes
DES 151 – Fundamentals of the PCI Secure SLC Standard DES 151 25 minutes
DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing DES 202 45 minutes
DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management DES 203 15 minutes
DES 204 – Role of Cryptography in Application Development DES 204 15 minutes
DES 205 – Message Integrity Cryptographic Functions DES 205 45 minutes
DES 206 – Meeting Cloud Governance and Compliance Requirements DES 206 15 minutes
DES 207 – Mitigating OWASP API Security Top 10 DES 207 15 minutes
DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing DES 208 15 minutes
DES 210 – Hardening Linux/Unix Systems DES 210 30 minutes
DES 212 – Architecture Risk Analysis & Remediation DES 212 30 minutes
DES 214 – Securing Infrastructure Architecture DES 214 30 minutes
DES 215 – Defending Infrastructure DES 215 30 minutes
DES 216 – Protecting Cloud Infrastructure DES 216 40 minutes
DES 217 – Securing Terraform Infrastructure and Resources DES 217 20 minutes
DES 218 – Protecting Microservices, Containers, and Orchestration DES 218 30 minutes
DES 222 – Applying OWASP 2017: Mitigating Injection DES 222 12 minutes
DES 223 – Applying OWASP 2017: Mitigating Broken Authentication DES 223 12 minutes
DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure DES 224 12 minutes
DES 225 – Applying OWASP 2017: Mitigating XML External Entities DES 225 12 minutes
DES 226 – Applying OWASP 2017: Mitigating Broken Access Control DES 226 12 minutes
DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration DES 227 12 minutes
DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS) DES 228 12 minutes
DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization DES 229 12 minutes
DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities DES 230 12 minutes
DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities DES 231 12 minutes
DES 255 – Securing the IoT Update Process DES 255 30 minutes
DES 260 – Fundamentals of IoT Architecture & Design DES 260 30 minutes
DES 271 – OWASP M1: Mitigating Improper Platform Usage DES 271 12 minutes
DES 272 – OWASP M2: Mitigating Insecure Data Storage DES 272 12 minutes
DES 273 – OWASP M3: Mitigating Insecure Communication DES 273 12 minutes
DES 274 – OWASP M4: Mitigating Insecure Authentication DES 274 12 minutes
DES 275 – OWASP M5: Mitigating Insufficient Cryptography DES 275 12 minutes
DES 276 – OWASP M6: Mitigating Insecure Authorization DES 276 12 minutes
DES 277 – OWASP M7: Mitigating Client Code Quality DES 277 12 minutes
DES 278 – OWASP M8: Mitigating Code Tampering DES 278 12 minutes
DES 279 – OWASP M9: Mitigating Reverse Engineering DES 279 12 minutes
DES 280 – OWASP M10: Mitigating Extraneous Functionality DES 280 12 minutes
DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords DES 281 12 minutes
DES 282 – OWASP IoT2: Mitigating Insecure Network Services DES 282 12 minutes
DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces DES 283 12 minutes
DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism DES 284 12 minutes
DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components DES 285 12 minutes
DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection DES 286 12 minutes
DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage DES 287 12 minutes
DES 288 – OWASP IoT8: Mitigating Lack of Device Management DES 288 12 minutes
DES 289 – OWASP IoT9: Mitigating Insecure Default Settings DES 289 12 minutes
DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening DES 290 12 minutes
DES 305 – Protecting Existing Blockchain Assets DES 305 20 minutes
DES 306 – Creating a Secure Blockchain Network DES 306 20 minutes
DES 311 – Creating Secure Application Architecture DES 311 45 minutes
DES 312 – Protecting Cardholder Data DES 312 20 minutes
DSO 201 – Fundamentals of Secure DevOps DSO 201 30 minutes
DSO 205 – Securing the COTS Supply Chain DSO 205 15 minutes
DSO 206 – Securing the Open Source Supply Chain DSO 206 15 minutes
DSO 211 – Identifying Threats to Containers in a DevSecOps Framework DSO 211 20 minutes
DSO 253 – DevSecOps in the AWS Cloud DSO 253 20 minutes
DSO 254 – DevSecOps in the Azure Cloud DSO 254 20 minutes
DSO 256 – DevSecOps in the Google Cloud Platform DSO 256 20 minutes
DSO 301 – Orchestrating Secure System and Service Configuration DSO 301 20 minutes
DSO 302- Automated Security Testing DSO 302 20 minutes
DSO 303 – Automating Security Updates DSO 303 20 minutes
DSO 304 – Securing API Gateways in a DevSecOps Framework DSO 304 20 minutes
DSO 305 – Automating CI/CD Pipeline Compliance DSO 305 20 minutes
DSO 306 – Implementing Infrastructure as Code DSO 306 20 minutes
DSO 307 – Secure Secrets Management DSO 307 20 minutes
ENG 110 – Essential Account Management Security ENG 110 15 minutes
ENG 111 – Essential Session Management Security ENG 111 15 minutes
ENG 112 – Essential Access Control for Mobile Devices ENG 112 15 minutes
ENG 113 – Essential Secure Configuration Management ENG 113 15 minutes
ENG 114 – Essential Risk Assessment ENG 114 15 minutes
ENG 115 – Essential System & Information Integrity ENG 115 15 minutes
ENG 116 – Essential Security Planning Policy & Procedures ENG 116 15 minutes
ENG 117 – Essential Information Security Program Planning ENG 117 15 minutes
ENG 118 – Essential Incident Response ENG 118 15 minutes
ENG 119 – Essential Security Audit & Accountability ENG 119 15 minutes
ENG 120 – Essential Security Assessment & Authorization ENG 120 15 minutes
ENG 121 – Essential Identification & Authentication ENG 121 15 minutes
ENG 122 – Essential Physical & Environmental Protection ENG 122 15 minutes
ENG 123 – Essential Security Engineering Principles ENG 123 15 minutes
ENG 124 – Essential Application Protection ENG 124 15 minutes
ENG 125 – Essential Data Protection ENG 125 15 minutes
ENG 126 – Essential Security Maintenance Policies ENG 126 15 minutes
ENG 127 – Essential Media Protection ENG 127 15 minutes
ENG 150 – Meeting Confidentiality, Integrity, and Availability ENG 150 30 minutes
ENG 151 – Fundamentals of Privacy Protection ENG 151 10 minutes
ENG 191 – Introduction to the Microsoft SDL ENG 191 25 minutes
ENG 192- Implementing the Agile Microsoft SDL ENG 192 20 minutes
ENG 193 – Implementing the Microsoft SDL Optimization Model ENG 193 12 minutes
ENG 194 – Implementing Microsoft SDL Line of Business ENG 194 20 minutes
ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool ENG 195 20 minutes
ENG 205 – Fundamentals of Threat Modeling ENG 205 45 minutes
ENG 211 – How to Create Application Security Design Requirements ENG 211 15 minutes
ENG 212 – Implementing Secure Software Operations ENG 212 20 minutes
ENG 251 – Risk Management Foundations ENG 251 20 minutes
ENG 311 – Attack Surface Analysis & Reduction ENG 311 25 minutes
ENG 312 – How to Perform a Security Code Review ENG 312 30 minutes
ENG 351 – Preparing the Risk Management Framework ENG 351 20 minutes
ENG 352 – Categorizing Systems and Information within the RMF ENG 352 10 minutes
ENG 353 – Selecting, Implementing and Assessing Controls within the RMF ENG 353 20 minutes
ENG 354 – Authorizing and Monitoring System Controls within the RMF ENG 354 20 minutes
LAB 101 – Identifying Broken Access Control Vulnerabilities LAB 101 5 minutes
LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities LAB 102 5 minutes
LAB 103 – Identifying Broken User Authentication Vulnerabilities LAB 103 7 minutes
LAB 104 – Identifying Business Logic Flaw Vulnerabilities LAB 104 7 minutes
LAB 105 – Identifying Credential Dumping: Vulnerability Identification LAB 105 7 minutes
LAB 106 – Identifying Cross-Site Scripting Vulnerabilities LAB 106 7 minutes
LAB 107 – Identifying Injection Vulnerabilities LAB 107 7 minutes
LAB 108 – Identifying Reverse Engineering Vulnerabilities LAB 108 8 minutes
LAB 109 – Identifying Security Misconfiguration Vulnerabilities LAB 109 5 minutes
LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification LAB 110 7 minutes
SDT 311 – Testing for Integer Overflow or Wraparound SDT 311 15 minutes
SDT 312 – Testing for (Path Traversal) Improper Limitation of a Pathname to a Restricted Directory SDT 312 15 minutes
SDT 313 – Testing for (CSRF) Cross Site Request Forgery SDT 313 15 minutes
SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type SDT 314 15 minutes
SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource SDT 315 15 minutes
SDT 316- Testing for Use of Hard-Coded Credentials SDT 316 15 minutes
SDT 317 – Testing for Improper Control of Generation of Code SDT 317 10 minutes
SDT 318 – Testing for Insufficiently Protected Credentials SDT 318 10 minutes
SDT 319 – Testing for Out-of-bounds Read SDT 319 10 minutes
SDT 320 – Testing for Out-of-bounds Write SDT 320 10 minutes
SDT 321 – Testing for Uncontrolled Resource Consumption SDT 321 10 minutes
SDT 322 – Testing for Improper Privilege Management SDT 322 10 minutes
SDT 323 – Testing for Improper Input Validation SDT 323 10 minutes
SDT 324 – Testing for Improper Restriction of Operations within the Bounds of a Memory Buffer SDT 324 10 minutes
SDT 325 – Testing for NULL Pointer Dereference SDT 325 10 minutes
SDT 326 – Testing for Use After Free SDT 326 10 minutes
TST 101 – Fundamentals of Security Testing TST 101 20 minutes
TST 202 – Penetration Testing Fundamentals TST 202 25 minutes
TST 205 – Performing Vulnerability Scans TST 205 45 minutes
TST 206 – ASVS Requirements for Developers TST 206 20 minutes
TST 301 – Infrastructure Penetration Testing TST 301 45 minutes
TST 302 – Application Penetration Testing TST 302 45 minutes
TST 303 – Penetration Testing for Google Cloud Platform TST 303 20 minutes
TST 304 – Penetration Testing for AWS Cloud TST 304 20 minutes
TST 305 – Penetration Testing for Azure Cloud TST 305 20 minutes
TST 351 – Penetration Testing for TLS Vulnerabilities TST 351 12 minutes
TST 352 – Penetration Testing for Injection Vulnerabilities TST 352 12 minutes
TST 353 – Penetration Testing for SQL Injection TST 353 12 minutes
TST 354 – Penetration Testing for Memory Corruption Vulnerabilities TST 354 12 minutes
TST 355 – Penetration Testing for Authorization Vulnerabilities TST 355 12 minutes
TST 356 – Penetration Testing for Cross-Site Scripting (XSS) TST 356 12 minutes
TST 357 – Penetration Testing for Hardcoded Secrets TST 357 12 minutes
TST 358 – Penetration Testing Wireless Networks TST 358 12 minutes
TST 359 – Penetration Testing Network Infrastructure TST 359 12 minutes
TST 360 – Penetration Testing for Authentication Vulnerabilities TST 360 12 minutes