Overview
The Node.js learning path includes a variety of security courses that vary depending on whether you are seeking core, advanced or elite paths. It is designed for those that managing the interchange of data between the server and the users and provides developers a solid foundation of security features necessary to code, test, and operate including:
- Node.js based services
- Web libraries, frameworks and the whole web stack
- Protecting data using secure coding best practices
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 241 – Creating Secure Oracle DB Applications
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 256 – Creating Secure Code: Ruby on Rails Foundations
- COD 257 – Creating Secure Python Web Applications
- COD 258 – Creating Secure PHP Web Applications
- COD 259 – Node.js Threats & Vulnerabilities
- COD 285 – Developing Secure Angular Applications
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 232 – Mitigating OWASP 2021 Injection
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures
- DES 237 – Mitigating OWASP 2021 Security Misconfiguration
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- LAB 222 – Defending Python Applications Against SQL Injection
- LAB 223 – Defending Node.js Applications Against SQL Injection
- LAB 231 – Defending Python Applications Against XSS
- LAB 233 – Defending Node.js Applications Against XSS
- LAB 242 – Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 243 – Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 245 – Defending Node.js Applications Against Plaintext Password Storage
- LAB 246 – Defending Node.js Applications Against Weak AES ECB Mode Encryption
- LAB 247 – Defending Node.js Applications Against Weak PRNG
- LAB 248 – Defending Node.js Applications Against Parameter Tampering
- LAB 249 – Defending Python Applications Against Plaintext Password Storage
- LAB 252 – Defending Python Applications Against Weak AES ECB Mode Encryption
- LAB 253 – Defending Python Applications Against Weak PRNG
- LAB 254 – Defending Python Applications Against Parameter Tampering
- LAB 261 – Defending Python Applications Against Sensitive Information in Error Messages
- LAB 262 – Defending Node.js Applications Against Sensitive Information in Error Messages
- LAB 264 – Defending Python Applications Against Sensitive Information in Log Files (NEW)
- LAB 265 – Defending Node.js Applications Against Sensitive Information in Log Files (NEW)
- LAB 268 – Defending Python Applications Against Deserialization of Untrusted Data (NEW)
- LAB 269 – Defending Node.js Applications Against Deserialization of Untrusted Data (NEW)
- LAB 272 – Defending Python Applications Against SSRF (NEW)
- LAB 273 – Defending Node.js Applications Against SSRF (NEW)
- COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks
- COD 309 – Securing ASP.NET MVC Applications
- COD 352 – Creating Secure JavaScript and jQuery Code
- COD 361 – HTML5 Secure Threats
- COD 362 – HTML5 Built in Security Features
- COD 363 – Securing HTML5 Data
- COD 364 – Securing HTML5 Connectivity
- DES 311 – Creating Secure Application Architecture
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 301 – Testing for Injection
- SDT 303 – Testing for Cryptographic Failures
- SDT 306 – Testing for Security Misconfiguration
Learning Path Details
Number of Courses: 63
Number of Labs: 24
Total Duration: 20 hours
Total CPE Credits: 24