Overview
The Mobile Developer learning path includes a variety of courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide developers with a solid foundation of security features necessary to develop applications for mobile devices.
Course concepts include:
- Identifying common mobile application risks
- Best practices for designing secure mobile applications
- Coding mistakes to avoid
- AWA 101 – Fundamentals of Application Security (UPDATED)
- AWA 102 – Secure Software Concepts
- COD 110 – Fundamentals of Secure Mobile Development (Updated)
- COD 261 – Threats to Scripts (UPDATED)
- DES 101 – Fundamentals of Secure Architecture (Updated)
- ENG 112 – Essential Access Control for Mobile Devices
- ENG 205 – Fundamentals of Threat Modeling (Updated)
- COD 229 – Insecure IoT Mobile Interface (UPDATED)
- COD 230 – Insecure IoT Firmware (UPDATED)
- COD 234 – Mobile Threats & Mitigations
- COD 235 – Defending Mobile Data with Cryptography
- COD 236 – Mobile App Authentication & Authorization
- COD 237 – Defending Mobile App Code
- COD 316 – Creating Secure iOS Code in Objective C
- COD 317 – Creating Secure iOS Code in Swift (Updated)
- COD 318 – Creating Secure Android Code in Java (Updated)
- DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing
- DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management
- DES 204 – Role of Cryptography in Application Development
- DES 205 – Message Integrity Cryptographic Functions
- DES 255 – Securing the IoT Update Process (New)
- DES 260 – Fundamentals of IoT Architecture & Design
- TST 252 – Testing for OS Command Injection (CWE-78)
- TST 253 – Testing for Classic Buffer Overflow (CWE-120)
- TST 255 – Testing for Missing Authentication for Critical Function (CWE-306)
- TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798)
- TST 258 – Testing for Missing Encryption of Sensitive Data (CWE-311)
- TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)
- TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)
- TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250)
- TST 264 – Testing for Download of Code without Integrity Check (CWE-494)
- TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)
- TST 267 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)
- TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676)
- TST 269 – Testing for Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
- TST 270 – Testing for Incorrect Calculation of Buffer Size (CWE-131)
- TST 271 – Testing for Improper Restriction of Excessive Authentication Attempts (CWE-307)
- TST 272 – Testing for Open Redirect (CWE-601)
- TST 273 – Testing for Uncontrolled Format String (CWE-134)
- TST 275 – Testing for Use of a One-way Hash without a Salt (CWE-759)
- DES 212 – Architecture Risk Analysis & Remediation (Updated)
- DES 311 – Creating Secure Application Architecture (Updated)
- ENG 211 – How to Create Application Security Design Requirements (Updated)
- ENG 311 – Attack Surface Analysis & Reduction (Updated)
- ENG 312 – How to Perform a Security Code Review (Updated)
Learning Path Details
Number of Courses: 45
Total Duration: 17 hours
Total CPE Credits: 20