The Courses

Course Title Course # Course Duration
AWA 007 – Information Privacy & Security Awareness for Executives AWA 007 45 minutes
AWA 008 – Information Privacy: Classifying Data AWA 008 15 minutes
AWA 009 – Information Privacy: Protecting Data AWA 009 20 minutes
AWA 010 – Email Security AWA 010 10 minutes
AWA 012 – Malware Awareness AWA 012 10 minutes
AWA 013 – Mobile Security AWA 013 15 minutes
AWA 014 – Password Security AWA 014 10 minutes
AWA 015 – PCI Compliance AWA 015 15 minutes
AWA 016 – Phishing Awareness AWA 016 10 minutes
AWA 017 – Physical Security AWA 017 10 minutes
AWA 018 – Social Engineering Awareness AWA 018 15 minutes
AWA 019 – Travel Security AWA 019 15 minutes
AWA 101 – Fundamentals of Application Security (UPDATED) AWA 101 30 minutes
AWA 102 – Secure Software Concepts AWA 102 30 minutes
COD 101 – Fundamentals of SDLC Security Series COD 101 60 minutes
COD 102 – The Role of Software Security (NEW) COD 102 10 minutes
COD 103 – Creating Software Security Requirements (NEW) COD 103 10 minutes
COD 104 – Designing Secure Software (NEW) COD 104 15 minutes
COD 105 – Secure Software Development (NEW) COD 105 20 minutes
COD 106 – The Importance of Software Integration and Testing (NEW) COD 106 15 minutes
COD 107 – Secure Software Deployment (NEW) COD 107 10 minutes
COD 108 – Software Operations and Maintenance (NEW) COD 108 10 minutes
COD 110 – Fundamentals of Secure Mobile Development (Updated) COD 110 45 minutes
COD 141 – Fundamentals of Secure Database Development COD 141 110 minutes
COD 152 – Fundamentals of Secure Cloud Development (Updated) COD 152 20 minutes
COD 160 -Fundamentals of Secure Embedded Software Development COD 160 90 minutes
COD 170 – Identifying Threats to Mainframe COBOL Applications & Data COD 170 20 minutes
COD 201 – Secure C Encrypted Network Communications COD 201 15 minutes
COD 202 – Secure C Runtime Protection COD 202 15 minutes
COD 206 – Creating Secure C++ Code COD 206 15 minutes
COD 207 – Communication Security in C++ COD 207 15 minutes
COD 214 – Creating Secure GO Applications (NEW) COD 214 30 minutes
COD 216 – Leveraging .NET Framework Code Access Security (CAS) COD 216 30 minutes
COD 217 – Mitigating .NET Security Threats COD 217 45 minutes
COD 219 – Creating Secure Code: SAP ABAP Foundations COD 219 90 minutes
COD 222 – PCI DSS v3.2 Best Practices for Developers COD 222 60 minutes
COD 225 – Insecure IoT Web Interfaces (UPDATED) COD 225 10 minutes
COD 226 – Insecure IoT Authentication & Authorization (UPDATED) COD 226 10 minutes
COD 227 – Insecure IoT Network Services (UPDATED) COD 227 10 minutes
COD 228 – Insecure IoT Communications (UPDATED) COD 228 10 minutes
COD 229 – Insecure IoT Mobile Interface (UPDATED) COD 229 10 minutes
COD 230 – Insecure IoT Firmware (UPDATED) COD 230 10 minutes
COD 234 – Mobile Threats & Mitigations COD 234 20 minutes
COD 235 – Defending Mobile Data with Cryptography COD 235 20 minutes
COD 236 – Mobile App Authentication & Authorization COD 236 20 minutes
COD 237 – Defending Mobile App Code COD 237 20 minutes
COD 241 – Creating Secure Oracle DB Applications COD 241 45 minutes
COD 242 – Creating Secure SQL Server & Azure SQL DB Applications (Updated) COD 242 40 minutes
COD 246 – PCI DSS 3: Protecting Stored Cardholder Data (NEW) COD 246 15 minutes
COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data (NEW) COD 247 15 minutes
COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications (NEW) COD 248 15 minutes
COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes (NEW) COD 249 15 minutes
COD 251 – Defending AJAX-Enabled Web Applications (NEW) COD 251 25 minutes
COD 253 – Creating Secure AWS Cloud Applications (Updated) COD 253 45 minutes
COD 254 – Creating Secure Azure Applications (Updated) COD 254 45 minutes
COD 255 – Creating Secure Code: Web API Foundations COD 255 120 minutes
COD 256 – Creating Secure Code: Ruby on Rails Foundations COD 256 90 minutes
COD 257 – Creating Secure Python Web Applications COD 257 45 minutes
COD 258 – Creating Secure PHP Web Applications (NEW) COD 258 30 minutes
COD 259 – Node.js Threats & Vulnerabilities COD 259 30 minutes
COD 261 – Threats to Scripts (UPDATED) COD 261 30 minutes
COD 262 – Fundamentals of Shell and Interpreted Language Security (UPDATED) COD 262 30 minutes
COD 263 – Secure Bash Scripting (NEW) COD 263 15 minutes
COD 264 – Secure Perl Scripting (NEW) COD 264 15 minutes
COD 265 – Secure Python Scripting (NEW) COD 265 15 minutes
COD 266 – Secure Ruby Scripting (NEW) COD 266 15 minutes
COD 267 – Securing Python Microservices (New) COD 267 30 minutes
COD 270 – Creating Secure COBOL & Mainframe Applications COD 270 25 minutes
COD 281 – Java Security Model COD 281 20 minutes
COD 282 – Java Authentication & Authorization COD 282 20 minutes
COD 283 – Java Cryptography (UPDATED) COD 283 45 minutes
COD 284 – Secure Java Coding (NEW) COD 284 30 minutes
COD 301 – Secure C Buffer Overflow Mitigations COD 301 45 minutes
COD 302 -Secure C Memory Management COD 302 30 minutes
COD 303 – Common C Vulnerabilities & Attacks COD 303 20 minutes
COD 307 – Protecting Data in C++ COD 307 25 minutes
COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks (New) COD 308 45 minutes
COD 309 – Securing ASP.NET MVC Applications (New) COD 309 30 minutes
COD 316 – Creating Secure iOS Code in Objective C COD 316 30 minutes
COD 317 – Creating Secure iOS Code in Swift (Updated) COD 317 45 minutes
COD 318 – Creating Secure Android Code in Java (Updated) COD 318 45 minutes
COD 321 – Protecting C# from Integer Overflows & Canonicalization COD 321 30 minutes
COD 322 – Protecting C# from SQL & XML Injection COD 322 35 minutes
COD 323 – Protecting Data in C# COD 323 25 minutes
COD 352 – Creating Secure JavaScript and jQuery Code (Updated) COD 352 45 minutes
COD 361 – HTML5 Secure Threats COD 361 15 minutes
COD 362 – HTML5 Built in Security Features COD 362 20 minutes
COD 363- Securing HTML5 Data COD 363 20 minutes
COD 364 – Securing HTML5 Connectivity COD 364 20 minutes
COD 380 – Protecting Java Code: SQLi & Integer Overflows COD 380 10 minutes
COD 381 – Protecting Java Code: Canonicalization, Information Disclosure and TOCTOU COD 381 25 minutes
COD 382 – Protecting Data in Java COD 382 30 minutes
COD 383 – Protecting Java Backend Services (New) COD 383 30 minutes
DES 101 – Fundamentals of Secure Architecture DES 101 60 minutes
DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing DES 202 45 minutes
DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management DES 203 15 minutes
DES 204 – Role of Cryptography in Application Development DES 204 15 minutes
DES 205 – Message Integrity Cryptographic Functions DES 205 45 minutes
DES 212 – Architecture Risk Analysis & Remediation DES 212 60 minutes
DES 214 – Securing Infrastructure Architecture (NEW) DES 214 30 minutes
DES 215 – Defending Infrastructure (NEW) DES 215 30 minutes
DES 216 – Protecting Cloud Infrastructure (New) DES 216 40 minutes
DES 217 – Application, Technical & Physical Access Controls DES 217 30 minutes
DES 218 – Protecting Microservices, Containers, and Orchestration (New) DES 218 30 minutes
DES 222 – Applying OWASP 2017: Mitigating Injection DES 222 12 minutes
DES 223 – Applying OWASP 2017: Mitigating Broken Authentication DES 223 12 minutes
DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure DES 224 12 minutes
DES 225 – Applying OWASP 2017: Mitigating XML External Entities DES 225 12 minutes
DES 226 – Applying OWASP 2017: Mitigating Broken Access Control DES 226 12 minutes
DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration DES 227 12 minutes
DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS) DES 228 12 minutes
DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization DES 229 12 minutes
DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities DES 230 12 minutes
DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities DES 231 12 minutes
DES 260 – Fundamentals of IoT Architecture & Design DES 260 30 minutes
DES 311 – Creating Secure Application Architecture DES 311 120 minutes
DES 352 – Creating Secure Over the Air (OTA) Updates DES 352 90 minutes
ENG 110 – Essential Account Management Securitiy ENG 110 15 minutes
ENG 111 Essential Session Management Security ENG 111 15 minutes
ENG 112 – Essential Access Control for Mobile Devices ENG 112 15 minutes
ENG 113 – Essential Secure Configuration Management ENG 113 15 minutes
ENG 114 – Essential Risk Assessment ENG 114 15 minutes
ENG 115 – Essential System & Information Integrity ENG 115 15 minutes
ENG 116 – Essential Security Planning Policy & Procedures ENG 116 15 minutes
ENG 117 – Essential Information Security Program Planning ENG 117 15 minutes
ENG 118 – Essential Incident Response ENG 118 15 minutes
ENG 119 – Essential Security Audit & Accountability ENG 119 15 minutes
ENG 120 – Essential Security Assessment & Authorization ENG 120 15 minutes
ENG 121 – Essential Identification & Authentication ENG 121 15 minutes
ENG 122 – Essential Physical & Environmental Protection ENG 122 15 minutes
ENG 123 – Essential Security Engineering Principles ENG 123 15 minutes
ENG 124 – Essential Application Protection ENG 124 15 minutes
ENG 125 – Essential Data Protection ENG 125 15 minutes
ENG 126 – Essential Security Maintenance Policies ENG 126 15 minutes
ENG 127 – Essential Media Protection ENG 127 15 minutes
ENG 150 – Meeting Confidentiality, Integrity, and Availability (NEW) ENG 150 30 minutes
ENG 191 – Introduction to the Microsoft SDL ENG 191 25 minutes
ENG 192- Implementing the Agile Microsoft SDL ENG 192 20 minutes
ENG 193 – Implementing the Microsoft SDL Optimization Model ENG 193 12 minutes
ENG 194 – Implementing Microsoft SDL Line of Business ENG 194 20 minutes
ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool ENG 195 20 minutes
ENG 205 – Fundamentals of Threat Modeling ENG 205 60 minutes
ENG 211 – How to Create Application Security Design Requirements ENG 211 60 minutes
ENG 311 – Attack Surface Analysis & Reduction ENG 311 60 minutes
ENG 312 – How to Perform a Security Code Review ENG 312 60 minutes
Protecting Sensitive Data while Scripting Deprecated 30 minutes
TST 101 – Fundamentals of Security Testing (UPDATED) TST 101 20 minutes
TST 222 – Testing for OWASP 2017: Injection TST 222 15 minutes
TST 223 – Testing for OWASP 2017: Broken Authentication TST 223 12 minutes
TST 224 – Testing for OWASP 2017: Sensitive Data Exposure TST 224 12 minutes
TST 225 – Testing for OWASP 2017: XML External Entities TST 225 10 minutes
TST 226 – Testing for OWASP 2017: Broken Access Control TST 226 10 minutes
TST 227 – Testing for OWASP 2017: Security Misconfiguration TST 227 10 minutes
TST 228 – Testing for OWASP 2017: Cross Site Scripting (XSS) TST 228 15 minutes
TST 229 – Testing for OWASP 2017: Insecure Deserialization TST 229 10 minutes
TST 230 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities TST 230 10 minutes
TST 231 – Testing for OWASP 2017: Insufficient Logging & Monitoring TST 231 10 minutes
TST 251 – Testing for SQL Injection (CWE-89) TST 251 15 minutes
TST 252 – Testing for OS Command Injection (CWE-78) TST 252 15 minutes
TST 253 – Testing for Classic Buffer Overflow (CWE-120) TST 253 15 minutes
TST 254 – Testing for Cross-site Scripting (CWE-79) TST 254 15 minutes
TST 255 – Testing for Missing Authentication for Critical Function (CWE-306) TST 255 15 minutes
TST 256 – Testing for Missing Authorization (CWE-862) TST 256 15 minutes
TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798) TST 257 15 minutes
TST 258 – Testing for Missing Encryption of Sensitive Data (CWE-311) TST 258 15 minutes
TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434) TST 259 15 minutes
TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807) TST 260 15 minutes
TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250) TST 261 15 minutes
TST 262 – Testing for Cross Site Request Forgery (CSRF): CWE-352 TST 262 15 minutes
TST 263 – Testing for Path Traversal (CWE-22) TST 263 15 minutes
TST 264 – Testing for Download of Code without Integrity Check (CWE-494) TST 264 15 minutes
TST 265 – Testing for Incorrect Authorization (CWE-863) TST 265 15 minutes
TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829) TST 266 15 minutes
TST 267 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732) TST 267 15 minutes
TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676) TST 268 15 minutes
TST 269 – Testing for Use of a Broken or Risky Cryptographic Algorithm (CWE-327) TST 269 15 minutes
TST 270 – Testing for Incorrect Calculation of Buffer Size (CWE-131) TST 270 15 minutes
TST 271 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307) TST 271 15 minutes
TST 272 – Testing for Open Redirect (CWE-601) TST 272 15 minutes
TST 273 – Testing for Uncontrolled Format String (CWE-134) TST 273 15 minutes
TST 274 – Testing for Integer Overflow or Wraparound (CWE-190) TST 274 15 minutes
TST 275 – Testing for Use of a One-way Hash without a Salt (CWE-759) TST 275 15 minutes