Course Catalog / Learning Path / C Developer

C Developer

Overview

The C Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid understanding of security features required to develop secure code that integrates into operating systems, operating system modules, embedded systems, or low-level libraries for other high-level languages.

The C Developer learning path covers key application security concepts including:

Memory management and string handling
Avoiding common pitfalls
C specific security flaws

Core

Fundamentals of Application Security
Secure Software Concepts
Fundamentals of Secure Development
Threats to Scripts

Advanced

Protecting C Code Series (3)
Fundamentals of Cryptography Series (4)
Testing for Missing Authentication for Critical Function
Testing for use of Hard-Coded Credentials
Testing for Unrestricted Upload of File with Dangerous Type
Testing for Reliance of Untrusted Inputs in a Security Decision
Testing for Execution with Unnecessary Privileges
Testing for Download of Code without Integrity Check
Testing for Inclusion of Functionality from Untrusted Control Sphere
Testing for Incorrect Permission Assignment for Critical Resource
Testing for Use of a Potentially Dangerous Function
Testing for Improper Restriction of Excessive Authentication Attempts
Testing for Open Redirect
Testing for Uncontrolled Format String

Elite

Fundamentals of Secure Architecture
Architecture Risk Analysis and Remediation
Creating Secure Application Architecture
Integrating the MS SDL into your SDLC Series (5)
How to Create Application Security Design Requirements
Attack Surface Analysis & Reduction
How to Perform a Security Code Review

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 34

Total Duration: 19 hours

Total CPE Credits: 23.5

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

Course Catalog / Learning Path / C Developer

C Developer

Overview

Learning Path Details

The Courses

Testing for Open Redirect (CWE-601)

Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)

Testing for Use of a Potentially Dangerous Function (CWE-676)

Testing or Incorrect Permission Assignment for Critical Resource (CWE-732)

Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

Testing for Download of Code without Integrity Check (CWE-494)

Testing for Execution with Unnecessary Privileges (CWE-250)

Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

Testing for Use of Hard-Coded Credentials (CWE-798)

Testing for Missing Authentication for Critical Function (CWE-306)

ENG 312 – How to Perform a Security Code Review

Attack Surface Analysis & Reduction

How to Create Application Security Design Requirements

Fundamentals of Threat Modeling

Implementing the Microsoft SDL Threat Modeling Tool

Implementing Microsoft SDL Line of Business

Implementing the Microsoft SDL Optimization Model

Implementing the Agile Microsoft SDL

Creating Secure Application Architecture

Architecture Risk Analysis & Remediation

Message Integrity Cryptographic Functions

Role of Cryptography in Application Development

Cryptographic Components: Randomness, Algorithms, and Key Management

Cryptographic Suite Services: Encoding, Encrypting & Hashing

Fundamentals of Secure Architecture

Common C Vulnerabilities & Attacks

Secure C Memory Management

Secure C Buffer Overflow Mitigations

Secure C Runtime Protection

Secure C Encrypted Network Communications

Fundamentals of Secure Development

Secure Software Concepts

Fundamentals of Application Security