Overview
The Mobile Developer learning path includes a variety of courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide developers with a solid foundation of security features necessary to develop applications for mobile devices.
Course concepts include:
- Identifying common mobile application risks
- Best practices for designing secure mobile applications
- Coding mistakes to avoid
- COD 261 – Threats to Scripts
- COD 286 – Creating Secure React User Interfaces (NEW)
- DES 204 – Role of Cryptography in Application Development
- DES 212 – Architecture Risk Analysis & Remediation
- DES 255 – Securing the IoT Update Process
- DES 260 – Fundamentals of IoT Architecture & Design
- DES 271 – OWASP M1: Mitigating Improper Platform Usage
- DES 272 – OWASP M2: Mitigating Insecure Data Storage
- DES 273 – OWASP M3: Mitigating Insecure Communication
- DES 274 – OWASP M4: Mitigating Insecure Authentication
- DES 275 – OWASP M5: Mitigating Insufficient Cryptography
- DES 276 – OWASP M6: Mitigating Insecure Authorization
- DES 277 – OWASP M7: Mitigating Client Code Quality
- DES 278 – OWASP M8: Mitigating Code Tampering
- DES 279 – OWASP M9: Mitigating Reverse Engineering
- DES 280 – OWASP M10: Mitigating Extraneous Functionality
- DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism
- DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection
- DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage
- DES 288 – OWASP IoT8: Mitigating Lack of Device Management
- DES 289 – OWASP IoT9: Mitigating Insecure Default Settings
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations (NEW)
- COD 316 – Creating Secure iOS Code in Objective C
- COD 317 – Creating Secure iOS Code in Swift (Update Coming Soon)
- COD 318 – Creating Secure Android Code in Java (Update Coming Soon)
- COD 327 – Testing for OS Command Injection (CWE-78)
- COD 328 – Testing for Classic Buffer Overflow (CWE-120)
- COD 330 – Testing for Missing Authentication for Critical Function (CWE-306)
- COD 332 – Testing for Use of Hard-Coded Credentials (CWE-798)
- COD 333 – Testing for Missing Encryption of Sensitive Data (CWE-311)
- COD 334 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)
- COD 335 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)
- COD 336 – Testing for Execution with Unnecessary Privileges (CWE-250)
- COD 339 – Testing for Download of Code without Integrity Check (CWE-494)
- COD 341 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)
- COD 342 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)
- COD 343 – Testing for Use of a Potentially Dangerous Function (CWE-676)
- COD 344 – Testing for Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
- COD 345 – Testing for Incorrect Calculation of Buffer Size (CWE-131)
- COD 346 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)
- COD 347 – Testing for Open Redirect (CWE-601)
- COD 348 – Testing for Uncontrolled Format String (CWE-134)
- COD 350 – Testing for Use of a One-way Hash without a Salt (CWE-759)
- COD 366 – Creating Secure Kotlin Applications (NEW)
- DES 311 – Creating Secure Application Architecture
- DSO 307 – Secure Secrets Management (NEW)
- ENG 312 – How to Perform a Security Code Review
Learning Path Details
Number of Courses: 54
Total Duration: 18 hour
Total CPE Credits: 21