Overview
The C Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid understanding of security features required to develop secure code that integrates into operating systems, operating system modules, embedded systems, or low-level libraries for other high-level languages.
The C Developer learning path covers key application security concepts including:
- Memory management and string handling
- Avoiding common pitfalls
- C specific security flaws
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 201 – Secure C Encrypted Network Communications
- COD 202 – Secure C Runtime Protection
- COD 261 – Threats to Scripts
- DES 204 – Role of Cryptography in Application Development
- DES 212 – Architecture Risk Analysis & Remediation
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- COD 301 – Secure C Buffer Overflow Mitigations
- COD 302 -Secure C Memory Management (UPDATED)
- COD 303 – Common C Vulnerabilities & Attacks (UPDATED)
- COD 330 – Testing for Missing Authentication for Critical Function (CWE-306)
- COD 332 – Testing for Use of Hard-Coded Credentials (CWE-798)
- COD 334 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)
- COD 335 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)
- COD 336 – Testing for Execution with Unnecessary Privileges (CWE-250)
- COD 339 – Testing for Download of Code without Integrity Check (CWE-494)
- COD 341 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)
- COD 342 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)
- COD 343 – Testing for Use of a Potentially Dangerous Function (CWE-676)
- COD 346 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)
- COD 347 – Testing for Open Redirect (CWE-601)
- COD 348 – Testing for Uncontrolled Format String (CWE-134)
- DES 311 – Creating Secure Application Architecture
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
Learning Path Details
Number of Courses: 36
Total Duration: 12 hours
Total CPE Credits: 14