Course Catalog / Learning Path / C Developer

C Developer

Overview

The C Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid understanding of security features required to develop secure code that integrates into operating systems, operating system modules, embedded systems, or low-level libraries for other high-level languages.

The C Developer learning path covers key application security concepts including:

  • Memory management and string handling
  • Avoiding common pitfalls
  • C specific security flaws

Core

  • AWA 101 Fundamentals of Application Security
  • AWA 102 Secure Software Concepts
  • COD 102-108 Fundamentals of SDLC Security Series (7)
  • COD 261 Threats to Scripts

Advanced

  • COD 201-202 Creating Secure C Code Series (2)
  • COD 301-303 Protecting C Code Series (3)
  • DES 202-205 Fundamentals of Cryptography Series (4)
  • TST 255 Testing for Missing Authentication for Critical Function
  • TST 257 Testing for use of Hard-Coded Credentials
  • TST 259 Testing for Unrestricted Upload of File with Dangerous Type
  • TST 260 Testing for Reliance of Untrusted Inputs in a Security Decision
  • TST 261 Testing for Execution with Unnecessary Privileges
  • TST 264 Testing for Download of Code without Integrity Check
  • TST 266 Testing for Inclusion of Functionality from Untrusted Control Sphere
  • TST 267 Testing for Incorrect Permission Assignment for Critical Resource
  • TST 268 Testing for Use of a Potentially Dangerous Function
  • TST 271 Testing for Improper Restriction of Excessive Authentication Attempts
  • TST 272 Testing for Open Redirect
  • TST 273 Testing for Uncontrolled Format String

Elite

  • DES 101 Fundamentals of Secure Architecture
  • DES 212 Architecture Risk Analysis and Remediation
  • DES 311 Creating Secure Application Architecture
  • ENG 191-195 Integrating the MS SDL into your SDLC Series (5)
  • ENG 211 How to Create Application Security Design Requirements
  • ENG 311 Attack Surface Analysis & Reduction
  • ENG 312 How to Perform a Security Code Review
Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 40

Total Duration: 19 hours

Total CPE Credits: 23.5

The Courses

View All Courses     Download Learning Path Catalog     Download Course Catalog

COD 108 – Software Operations and Maintenance (NEW)

10 Minutes

COD 107 – Secure Software Deployment (NEW)

10 Minutes

COD 106 – The Importance of Software Integration and Testing (NEW)

15 Minutes

COD 105 – Secure Software Development (NEW)

20 Minutes

COD 104 – Designing Secure Software (NEW)

15 Minutes

COD 103 – Creating Software Security Requirements (NEW)

10 Minutes

COD 102 – The Role of Software Security (NEW)

10 Minutes

TST 272 – Testing for Open Redirect (CWE-601)

15 Minutes
Advanced

TST 271 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)

15 Minutes
Advanced

TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676)

15 Minutes
Advanced

TST 267 – Testing or Incorrect Permission Assignment for Critical Resource (CWE-732)

15 Minutes
Advanced

TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

15 Minutes
Advanced

TST 264 – Testing for Download of Code without Integrity Check (CWE-494)

15 Minutes
Advanced

TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250)

15 Minutes
Advanced

TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

15 Minutes
Advanced

TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

15 Minutes
Advanced

TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798)

15 Minutes
Advanced

TST 255 – Testing for Missing Authentication for Critical Function (CWE-306)

10 Minutes
Advanced

ENG 312 – How to Perform a Security Code Review

60 Minutes
Elite

ENG 311 – Attack Surface Analysis & Reduction

60 Minutes
Elite

ENG 211 – How to Create Application Security Design Requirements

60 Minutes
Advanced

ENG 205 – Fundamentals of Threat Modeling

60 Minutes
Advanced

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool

20 Minutes
Core

ENG 194 – Implementing Microsoft SDL Line of Business

20 Minutes
Core

ENG 193 – Implementing the Microsoft SDL Optimization Model

25 Minutes
Core

ENG 192- Implementing the Agile Microsoft SDL

20 Minutes
Core

DES 311 – Creating Secure Application Architecture

120 Minutes
Advanced

DES 212 – Architecture Risk Analysis & Remediation

60 Minutes
Advanced

DES 205 – Message Integrity Cryptographic Functions

45 Minutes
Advanced

DES 204 – Role of Cryptography in Application Development

15 Minutes
Advanced

DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management

15 Minutes
Advanced

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing

45 Minutes

DES 101 – Fundamentals of Secure Architecture

60 Minutes
Core

COD 303 – Common C Vulnerabilities & Attacks

20 Minutes
Elite

COD 302 -Secure C Memory Management

30 Minutes
Elite

COD 301 – Secure C Buffer Overflow Mitigations

45 Minutes
Advanced

COD 202 – Secure C Runtime Protection

15 Minutes
Advanced

COD 201 – Secure C Encrypted Network Communications

15 Minutes
Advanced

AWA 102 – Secure Software Concepts

30 Minutes
Core

AWA 101 – Fundamentals of Application Security (UPDATED)

30 Minutes
Core