Course Catalog / Learning Path / Core Developer

Core Developer


The Core Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for the design, development, and management of applications across various environments and operating platforms and  provides learners with a solid foundation of application security best practices.

Concepts covered include:

  • Application security and risk drivers
  • Essential security engineering principles:  defensive coding, threat modeling, and gathering security design requirements
  • How to identify and mitigate CWE’s 25 most dangerous software errors


  • Fundamentals of Application Security
  • Secure Software Concepts
  • Fundamentals of Secure Development
  • Fundamentals of Secure Database Development
  • Fundamentals of Threat Modeling


  • Fundamentals of Cryptography Series (4)
  • Applying OWASP 2017 Mitigations Series (10)
  • Implementing the MS SDL into your SDLC (5)
  • Testing for Missing Authentication for Critical Function
  • Testing for Use of Hard-Coded Credentials
  • Testing for Unrestricted Upload of File with Dangerous Type
  • Testing for Reliance on Untrusted Inputs in A Security Decision
  • Testing for Execution with Unnecessary Privileges
  • Testing for Download of Code Without Integrity Check
  • Testing for Inclusion of Functionality from Untrusted Control Sphere
  • Testing for Incorrect Permission Assignment for Critical Resource
  • Testing for Use of a Potentially Dangerous Function
  • Testing for Improper Restriction of Excessive Authentication Attempts
  • Testing for Open Redirect
  • Testing for Uncontrolled Format String


  • Fundamentals of Secure Architecture
  • Architecture Risk Analysis and Remediation
  • Creating Secure Application Architecture
  • Integrating the MS SDL into your SDLC Series (5)
  • How to Create Application Security Design Requirements
  • Attack Surface Analysis & Reduction
  • How to Perform a Security Code Review

Learning Path Details

Number of Courses: 24

Total Duration: 19 hours

Total CPE Credits: 23