Course Catalog / Learning Path / Core Developer

Core Developer

Overview

The Core Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for the design, development, and management of applications across various environments and operating platforms and provides learners with a solid foundation of application security best practices.

Concepts covered include:

Application security and risk drivers
Essential security engineering principles: defensive coding, threat modeling, and gathering security design requirements
How to identify and mitigate CWE’s 25 most dangerous software errors

Core

Fundamentals of Application Security
Secure Software Concepts
Fundamentals of Secure Development
Fundamentals of Secure Database Development
Fundamentals of Threat Modeling

Advanced

Fundamentals of Cryptography Series (4)
Applying OWASP 2017 Mitigations Series (10)
Implementing the MS SDL into your SDLC (5)
Testing for Missing Authentication for Critical Function
Testing for Use of Hard-Coded Credentials
Testing for Unrestricted Upload of File with Dangerous Type
Testing for Reliance on Untrusted Inputs in A Security Decision
Testing for Execution with Unnecessary Privileges
Testing for Download of Code Without Integrity Check
Testing for Inclusion of Functionality from Untrusted Control Sphere
Testing for Incorrect Permission Assignment for Critical Resource
Testing for Use of a Potentially Dangerous Function
Testing for Improper Restriction of Excessive Authentication Attempts
Testing for Open Redirect
Testing for Uncontrolled Format String

Elite

Fundamentals of Secure Architecture
Architecture Risk Analysis and Remediation
Creating Secure Application Architecture
Integrating the MS SDL into your SDLC Series (5)
How to Create Application Security Design Requirements
Attack Surface Analysis & Reduction
How to Perform a Security Code Review

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 24

Total Duration: 19 hours

Total CPE Credits: 23

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

ENG 312 – How to Perform a Security Code Review

ENG 311 – Attack Surface Analysis & Reduction

ENG 211 – How to Create Application Security Design Requirements

ENG 205 – Fundamentals of Threat Modeling

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool

ENG 194 – Implementing Microsoft SDL Line of Business

ENG 193 – Implementing the Microsoft SDL Optimization Model

ENG 192- Implementing the Agile Microsoft SDL

Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

Applying OWASP 2017: Mitigating Insecure Deserialization

Applying OWASP 2017: Mitigating XML External Entities

Applying OWASP 2017: Mitigating Sensitive Data Exposure

Applying OWASP 2017: Mitigating Broken Authentication

Architecture Risk Analysis & Remediation

Message Integrity Cryptographic Functions

Role of Cryptography in Application Development

Cryptographic Components: Randomness, Algorithms, and Key Management

Cryptographic Suite Services: Encoding, Encrypting & Hashing

Fundamentals of Secure Architecture

Fundamentals of Secure Database Development

110 Minutes

Fundamentals of Secure Development

Secure Software Concepts

Fundamentals of Application Security