Overview
The Back-end Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid foundation of security features needed to write web services and API’s used by front-end and mobile application developers.
The Back-end Developer learning path presents secure coding best practices in all phases of the development life cycle across cutting-edge technologies like Node.js, Angular.js, and MySQL with special attention to managing the interchange of data between the server and users.
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts (UPDATED)
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development (UPDATED)
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- API 210 Mitigating APIs Lack of Resources & Rate Limiting (NEW)
- API 211 Mitigating APIs Broken Object Level Authorization (NEW)
- COD 241 – Creating Secure Oracle DB Applications
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 267 – Securing Python Microservices
- COD 287 – Java Application Server Hardening
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
- DES 235 Mitigating OWASP 2021 Insecure Design (NEW)
- DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
- DSO 212 Fundamentals of Zero Trust Security (NEW)
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- COD 352 – Creating Secure JavaScript and jQuery Code
- COD 383 – Protecting Java Backend Services
- DES 311 – Creating Secure Application Architecture
- DES 313 Hardening a Kubernetes Cluster (NEW)
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 303 Testing for Cryptographic Failures (NEW)
- SDT 304 Testing for Insecure Design (NEW)
- SDT 306 Testing for Security Misconfiguration (NEW)
- SDT 307 Testing for Server-Side Request Forgery (SSRF) (NEW)
Learning Path Details
Number of Courses: 38
Number of Labs: 12
Total Duration: 15 hours
Total CPE Credits: 18