Overview
The .NET learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide a solid foundation of .NET security features for building secure web applications, sophisticated desktop applications, or modern mobile applications.
Security concepts covered include:
- Code Access Security (CAS)
- .NET cryptographic technologies
- Secure coding best practices
More advanced courses offer platform and language-specific secure coding best practices including ASP.NET, AJAX, C#, and Windows.
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts (UPDATE PENDING)
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development (UPDATE PENDING)
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 216 – Leveraging .NET Framework Code Access Security (CAS)
- COD 217 – Mitigating .NET Security Threats
- COD 255 – Creating Secure Code: Web API Foundations
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 222 – Applying OWASP 2017: Mitigating Injection
- DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
- DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
- DES 225 – Applying OWASP 2017: Mitigating XML External Entities
- DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
- DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
- DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
- DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
- DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
- DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
- DES 232 – Mitigating OWASP 2021 Injection (NEW)
- DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures (NEW)
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
- DES 235 Mitigating OWASP 2021 Insecure Design (NEW)
- DES 236 Mitigating OWASP 2021 Broken Access Control (NEW)
- DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
- DES 238 Mitigating OWASP 2021 Server-Side Request Forgery (SSRF) (NEW)
- DES 239 Mitigating OWASP 2021 Software and Data Integrity Failures (NEW)
- DES 240 Mitigating OWASP 2021 Vulnerable and Outdated Components (NEW)
- DES 241 Mitigating OWASP 2021 Security Logging and Monitoring Failures (NEW)
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- LAB 221 Defending C# Against SQL Injection (NEW)
- LAB 232 Defending C# Against XSS (NEW)
- LAB 238 Defending Against Weak AES ECB Mode Encryption (C#) (COMING SOON)
- LAB 239 Defending Against Weak PRNG (C#) (COMING SOON)
- LAB 241 Defending C# Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
- LAB 250 Defending Against Parameter Tampering (C#) (COMING SOON)
- LAB 251 Defending Against Plaintext Password Storage (C#) (COMING SOON)
- COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks
- COD 309 – Securing ASP.NET MVC Applications
- DES 311 – Creating Secure Application Architecture
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
Learning Path Details
Number of Courses: 52
Total Duration: 13 hours
Total CPE Credits: 16