Overview
The Secure Software Architect Learning Path includes a variety of security courses designed for those who make design choices and who coordinate and oversee technical standards, including software coding standards, tools, and platforms. The curriculum provides learners with the ability to apply secure software architecture best practices to early-phase SDLC activities. Learners will gain the knowledge and skills to implement defensive coding techniques and avoid systemic issues found in insecure software.
Courses
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- COD 141 – Fundamentals of Database Security
- DES 101 – Fundamentals of Secure Architecture
- DES 151 – Fundamentals of the PCI Secure SLC Standard
Courses
- API 210 – Mitigating APIs Lack of Resources & Rate Limiting
- API 211 – Mitigating APIs Broken Object Level Authorization
- API 213 – Mitigating APIs Mass Assignment
- API 214 – Mitigating APIs Improper Asset Management
- COD 252 – Securing Google Platform Applications & Data
- COD 261 – Threats to Scripts
- COD 267 – Securing Python Microservices
- CYB 250 – Cyber Threat Hunting: Tactics, Techniques, and Procedures (TTP)
- DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing
- DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management
- DES 204 – Role of Cryptography in Application Development
- DES 205 – Message Integrity Cryptographic Functions
- DES 207 – Mitigating OWASP API Security Top 10
- DES 209 – Authentication and Lifecycle Management
- DES 212 – Architecture Risk Analysis & Remediation
- DES 214 – Securing Infrastructure Architecture
- DES 215 – Defending Infrastructure
- DES 216 – Protecting Cloud Infrastructure
- DES 217 – Securing Terraform Infrastructure and Resources
- DES 218 – Protecting Microservices, Containers, and Orchestration
- DES 232 – Mitigating OWASP 2021 Injection
- DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures
- DES 235 – Mitigating OWASP 2021 Insecure Design
- DES 236 – Mitigating OWASP 2021 Broken Access Control
- DES 237 – Mitigating OWASP 2021 Security Misconfiguration
- DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)
- DES 239 – Mitigating OWASP 2021 Software and Data Integrity Failures
- DES 240 – Mitigating OWASP 2021 Vulnerable and Outdated Components
- DES 241 – Mitigating OWASP 2021 Security Logging and Monitoring Failures
- DES 255 – Securing the IoT Update Process
- DES 260 – Fundamentals of IoT Architecture & Design
- DSO 201 – Fundamentals of Secure DevOps
- DSO 211 – Identifying Threats to Containers in a DevSecOps Framework
- DSO 212 – Fundamentals of Zero Trust Security
- DSO 256 – DevSecOps in the Google Cloud Platform
- ENG 211 – How to Create Application Security Design Requirements
- ENG 251 – Risk Management Foundations
- LAB 101 – Identifying Broken Access Control Vulnerabilities
- LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities
- LAB 103 – Identifying Broken User Authentication Vulnerabilities
- LAB 104 – Identifying Business Logic Flaw Vulnerabilities
- LAB 105 – Identifying Credential Dumping Vulnerabilities
- LAB 106 – Identifying Cross-Site Scripting Vulnerabilities
- LAB 107 – Identifying Injection Vulnerabilities
- LAB 108 – Identifying Reverse Engineering Vulnerabilities
- LAB 109 – Identifying Security Misconfiguration Vulnerabilities
- LAB 110 – Identifying Sensitive Data Exposure Vulnerabilities
- LAB 114 – Identifying Cookie Tampering
- LAB 115 – Identifying Reflective XSS
- LAB 116 – Identifying Forceful Browsing
- LAB 117 – Identifying Hidden Form Field
- LAB 118 – Identifying Weak File Upload Validation
- LAB 119 – Identifying Persistent XSS
- LAB 120 – Identifying XML Injection
- LAB 220 – Defending Against Hard-Coded Secrets
- TST 206 – ASVS Requirements for Developers
Courses
- COD 287 – Java Application Server Hardening
- COD 383 – Protecting Java Backend Services
- CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT
- DES 311 – Creating Secure Application Architecture
- DSO 301 – Orchestrating Secure System and Service Configuration
- DSO 302 – Automated Security Testing
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 305 – Automating CI/CD Pipeline Compliance
- ENG 311 – Attack Surface Analysis & Reduction
- ENG 312 – How to Perform a Security Code Review
- ENG 320 – Using Software Composition Analysis (SCA) to Secure Open Source Components
- ENG 351 – Preparing the Risk Management Framework
- ENG 352 – Categorizing Systems and Information within the RMF
- ENG 353 – Selecting, Implementing and Assessing Controls within the RMF
- ENG 354 – Authorizing and Monitoring System Controls within the RMF
- LAB 315 – ATT&CK: Updating Vulnerable Java Web Application Server Software
- LAB 321 – ATT&CK: Password Cracking
- LAB 323 – ATT&CK: Exploiting Vulnerable Java Web Application Server Software
- LAB 324 – ATT&CK: Exploiting Java Web Application Server Misconfiguration
- LAB 330 – ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes
- LAB 331 – ATT&CK: Network Service Discovery
- LAB 332 – ATT&CK: Network Share Discovery
- LAB 334 – ATT&CK: Create Account
- LAB 335 – ATT&CK: Unsecured Credentials
- LAB 336 – ATT&CK: Data from Local System
- LAB 337 – ATT&CK: Valid Accounts
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
- SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource
- SDT 316 – Testing for Use of Hard-Coded Credentials
- TST 302 – Application Penetration Testing
- TST 303 – Penetration Testing for Google Cloud Platform
- TST 304 – Penetration Testing for AWS Cloud
- TST 305 – Penetration Testing for Azure Cloud
Overview
Learning paths may include elective course content that is not required to complete SI-CSC certification exams successfully. These additional courses are suggested based on alignment with the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. To understand how courses map to this framework, please contact us.
Courses
- DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords
- DES 282 – OWASP IoT2: Mitigating Insecure Network Services
- DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces
- DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism
- DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components
- DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection
- DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage
- DES 288 – OWASP IoT8: Mitigating Lack of Device Management
- DES 289 – OWASP IoT9: Mitigating Insecure Default Settings
- DES 290 – OWASP IoT10: Mitigating Lack of Physical Hardening
- LAB 221 – Defending C# Applications Against SQL Injection
- LAB 222 – Defending Python Applications Against SQL Injection
- LAB 223 – Defending Node.js Applications Against SQL Injection
- LAB 228 – Defending Java Applications Against Weak AES ECB Mode Encryption
- LAB 229 – Defending Java Applications Against Weak PRNG
- LAB 230 – Defending Java Applications Against XSS
- LAB 231 – Defending Python Applications Against XSS
- LAB 232 – Defending C# Applications Against XSS
- LAB 233 – Defending Node.js Applications Against XSS
- LAB 234 – Defending Java Applications Against Parameter Tampering
- LAB 235 – Defending Java Applications Against Plaintext Password Storage
- LAB 236 – Defending Java Applications Against Sensitive Information in Error Messages
- LAB 237 – Defending Java Applications Against SQL Injection
- LAB 238 – Defending C# Applications Against Weak AES ECB Mode Encryption
- LAB 239 – Defending C# Applications Against Weak PRNG
- LAB 240 – Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 241 – Defending C# Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 242 – Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 243 – Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 244 – Defending Java Applications Against Security Misconfiguration
- LAB 245 – Defending Node.js Applications Against Plaintext Password Storage
- LAB 246 – Defending Node.js Applications Against Weak AES ECB Mode Encryption
- LAB 247 – Defending Node.js Applications Against Weak PRNG
- LAB 248 – Defending Node.js Applications Against Parameter Tampering
- LAB 249 – Defending Python Applications Against Plaintext Password Storage
- LAB 250 – Defending C# Applications Against Parameter Tampering
- LAB 251 – Defending C# Applications Against Plaintext Password Storage
- LAB 252 – Defending Python Applications Against Weak AES ECB Mode Encryption
- LAB 253 – Defending Python Applications Against Weak PRNG
- LAB 254 – Defending Python Applications Against Parameter Tampering
- LAB 260 – Defending C# Applications Against Sensitive Information in Error Messages
- LAB 261 – Defending Python Applications Against Sensitive Information in Error Messages
- LAB 262 – Defending Node.js Applications Against Sensitive Information in Error Messages
- LAB 263 – Defending Java Applications Against Sensitive Information in Log Files
- LAB 264 – Defending Python Applications Against Sensitive Information in Log Files
- LAB 265 – Defending Node.js Applications Against Sensitive Information in Log Files
- LAB 266 – Defending C# Applications Against Sensitive Information in Log Files
- LAB 267 – Defending Java Applications Against Deserialization of Untrusted Data
- LAB 268 – Defending Python Applications Against Deserialization of Untrusted Data
- LAB 269 – Defending Node.js Applications Against Deserialization of Untrusted Data
- LAB 270 – Defending C# Applications Against Deserialization of Untrusted Data
- LAB 271 – Defending Java Applications Against SSRF
- LAB 272 – Defending Python Applications Against SSRF
- LAB 273 – Defending Node.js Applications Against SSRF
- LAB 274 – Defending C# Applications Against SSRF
- LAB 275 – Defending Java Applications Against Command Injection
- LAB 276 – Defending Python Applications Against Command Injection
- LAB 277 – Defending Node.js Applications Against Command Injection
- LAB 278 – Defending C# Applications Against Command Injection
- LAB 279 – Defending Java Applications Against Dangerous File Upload
- LAB 280 – Defending Python Applications Against Dangerous File Upload
- LAB 281 – Defending Node.js Applications Against Dangerous File Upload
- LAB 282 – Defending C# Applications Against Dangerous File Upload
- LAB 283 – Defending Java Applications Against RegEx DoS
- LAB 284 – Defending Python Applications Against RegEx DoS
- LAB 285 – Defending Node.js Applications Against RegEx DoS
- LAB 286 – Defending C# Applications Against RegEx DoS
Learning Path Details
Number of Courses: 73
Number of Labs: 29
Total Duration: 29 hours
Total CPE Credits: 35