Overview
The .NET learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid foundation of .NET security features for building secure web applications, sophisticated desktop applications, or modern mobile applications.
Security concepts covered include:
- Code Access Security (CAS)
- .NET cryptographic technologies
- Secure coding best practices
More advanced courses offer platform and language-specific secure coding best practices including ASP.NET, AJAX, C#, and Windows.
- AWA 101 – Fundamentals of Application Security (UPDATED)
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security (NEW)
- COD 103 – Creating Software Security Requirements (NEW)
- COD 104 – Designing Secure Software (NEW)
- COD 105 – Secure Software Development (NEW)
- COD 106 – The Importance of Software Integration and Testing (NEW)
- COD 107 – Secure Software Deployment (NEW)
- COD 108 – Software Operations and Maintenance (NEW)
- COD 261 – Threats to Scripts (UPDATED)
- COD 262 – Fundamentals of Shell and Interpreted Language Security (UPDATED)
- DES 101 – Fundamentals of Secure Architecture (Updated)
- ENG 205 – Fundamentals of Threat Modeling (Updated)
- COD 216 – Leveraging .NET Framework Code Access Security (CAS)
- COD 217 – Mitigating .NET Security Threats
- COD 251 – Defending AJAX-Enabled Web Applications (NEW)
- COD 255 – Creating Secure Code: Web API Foundations
- COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks (New)
- COD 309 – Securing ASP.NET MVC Applications (New)
- COD 321 – Protecting C# from Integer Overflows & Canonicalization
- COD 322 – Protecting C# from SQL & XML Injection
- COD 323 – Protecting Data in C#
- DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing
- DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management
- DES 204 – Role of Cryptography in Application Development
- DES 205 – Message Integrity Cryptographic Functions
- DES 222 – Applying OWASP 2017: Mitigating Injection
- DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
- DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
- DES 225 – Applying OWASP 2017: Mitigating XML External Entities
- DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
- DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
- DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
- DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
- DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
- DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
- DES 212 – Architecture Risk Analysis & Remediation (Updated)
- DES 311 – Creating Secure Application Architecture (Updated)
- ENG 191 – Introduction to the Microsoft SDL
- ENG 192- Implementing the Agile Microsoft SDL
- ENG 193 – Implementing the Microsoft SDL Optimization Model
- ENG 194 – Implementing Microsoft SDL Line of Business
- ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool
- ENG 211 – How to Create Application Security Design Requirements (Updated)
- ENG 311 – Attack Surface Analysis & Reduction (Updated)
- ENG 312 – How to Perform a Security Code Review (Updated)
Learning Path Details
Number of Courses: 46
Total Duration: 19 hours
Total CPE Credits: 23