Course Catalog / Learning Path / Software Architect

Software Architect

Overview

The Software Architect learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those making design choices, coordinating and overseeing technical standards and includes software coding standards, tools, and platforms.

Concepts covered include:

Secure software architecture best practices that can be applied to early phase SDLC activities
Defensive coding techniques
Avoiding systemic issues found in insecure software

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 70

Total Duration: 16 hours

Total CPE Credits: 19

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

DSO 301 – Automating Secure Configuration Management (Coming Soon)

Course Catalog / Learning Path / Software Architect

Software Architect

Overview

Learning Path Details

The Courses

DSO 305 – Automating CI/CD Pipeline Compliance (Coming Soon)

DSO 304 – Securing API Gateways in a DevSecOps Framework (Coming Soon)

DSO 302- Automated Security Testing (Coming Soon)

DSO 301 – Automating Secure Configuration Management (Coming Soon)

DSO 211 – Identifying Threats to Containers in a DevSecOps Framework (Coming Soon)

DES 282 – OWASP IoT2: Mitigating Insecure Network Services (NEW)

DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords (NEW)

DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces (NEW)

DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism (NEW)

DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components (NEW)

DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection (NEW)

DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage (NEW)

DES 288 – OWASP IoT8: Mitigating Lack of Device Management (NEW)

DES 289 – OWASP IoT9: Mitigating Insecure Default Settings (NEW)

DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening (NEW)

ENG 354 – Authorizing and Monitoring System Controls within the RMF (NEW)

ENG 353 – Selecting, Implementing and Assessing Controls within the RMF (NEW)

ENG 352 – Categorizing Systems and Information within the RMF (NEW)

DSO 201 – Fundamentals of Secure DevOps

DES 255 – Securing the IoT Update Process

DES 151 – Fundamentals of the PCI Secure SLC Standard

DES 216 – Protecting Cloud Infrastructure

ENG 351 – Preparing the Risk Management Framework

ENG 251 – Risk Management Foundations

COD 267 – Securing Python Microservices

DES 214 – Securing Infrastructure Architecture

DES 215 – Defending Infrastructure

COD 108 – Software Operations and Maintenance

COD 107 – Secure Software Deployment

COD 106 – The Importance of Software Integration and Testing

COD 105 – Secure Software Development

COD 104 – Designing Secure Software

COD 103 – Creating Software Security Requirements

COD 102 – The Role of Software Security

COD 347 – Testing for Open Redirect (CWE-601)

COD 346 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)

COD 343 – Testing for Use of a Potentially Dangerous Function (CWE-676)

COD 342 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)

COD 341 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

COD 339 – Testing for Download of Code without Integrity Check (CWE-494)

COD 336 – Testing for Execution with Unnecessary Privileges (CWE-250)

COD 335 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

COD 334 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

COD 332 – Testing for Use of Hard-Coded Credentials (CWE-798)

COD 330 – Testing for Missing Authentication for Critical Function (CWE-306)

ENG 312 – How to Perform a Security Code Review

ENG 311 – Attack Surface Analysis & Reduction

ENG 211 – How to Create Application Security Design Requirements

DES 311 – Creating Secure Application Architecture

DES 260 – Fundamentals of IoT Architecture & Design

DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization

DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)

DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration

DES 226 – Applying OWASP 2017: Mitigating Broken Access Control

DES 225 – Applying OWASP 2017: Mitigating XML External Entities

DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure

DES 223 – Applying OWASP 2017: Mitigating Broken Authentication

DES 222 – Applying OWASP 2017: Mitigating Injection

DES 212 – Architecture Risk Analysis & Remediation

DES 205 – Message Integrity Cryptographic Functions

DES 204 – Role of Cryptography in Application Development

DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing

DES 101 – Fundamentals of Secure Architecture

COD 261 – Threats to Scripts

COD 141 – Fundamentals of Database Security

AWA 102 – Secure Software Concepts

AWA 101 – Fundamentals of Application Security