Overview
The Cloud Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for the design, development, and deployment of cloud applications and provides learners with a clear understanding of how to mitigate cloud computing risks.
Topics covered include:
- “Big Data” and it introduces security challenges
- Cloud computing characteristics, service and deployment models, and regulatory requirements
- Platform-specific secure coding best practices including AWS and/or Azure
- COD 214 – Creating Secure GO Applications
- COD 241 – Creating Secure Oracle DB Applications
- COD 253 – Creating Secure AWS Cloud Applications
- COD 254 – Creating Secure Azure Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 259 – Node.js Threats & Vulnerabilities
- COD 261 – Threats to Scripts
- COD 267 – Securing Python Microservices
- DES 204 – Role of Cryptography in Application Development
- DES 206 – Meeting Cloud Governance and Compliance Requirements (NEW)
- DES 212 – Architecture Risk Analysis & Remediation
- DES 214 – Securing Infrastructure Architecture
- DES 215 – Defending Infrastructure
- DES 216 – Protecting Cloud Infrastructure
- DES 218 – Protecting Microservices, Containers, and Orchestration
- DES 222 – Applying OWASP 2017: Mitigating Injection
- DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
- DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
- DES 225 – Applying OWASP 2017: Mitigating XML External Entities
- DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
- DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
- DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
- DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
- DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
- DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
- DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords
- DES 282 – OWASP IoT2: Mitigating Insecure Network Services
- DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces
- DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism
- DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components
- DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection
- DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage
- DES 288 – OWASP IoT8: Mitigating Lack of Device Management
- DES 289 – OWASP IoT9: Mitigating Insecure Default Settings
- DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening
- DSO 211 – Identifying Threats to Containers in a DevSecOps Framework
- DSO 253 – DevSecOps in the AWS Cloud
- DSO 254 – DevSecOps in the Azure Cloud
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations (NEW)
- DES 311 – Creating Secure Application Architecture
- DSO 301 – Orchestrating Secure System and Service Configuration
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 305 – Automating CI/CD Pipeline Compliance
- DSO 306 – Implementing Infrastructure as Code (NEW)
- DSO 307 – Secure Secrets Management (NEW)
- ENG 311 – Attack Surface Analysis & Reduction
- ENG 312 – How to Perform a Security Code Review
Learning Path Details
Number of Courses: 53
Total Duration: 21 hours
Total CPE Credits: 25