Overview
The Node.js learning path includes a variety of security courses that vary depending on whether you are seeking core, advanced or elite paths. It is designed for those that managing the interchange of data between the server and the users and provides developers a solid foundation of security features necessary to code, test, and operate including:
- Node.js based services
- Web libraries, frameworks and the whole web stack
- Protecting data using secure coding best practices
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts (UPDATE PENDING)
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development (UPDATE PENDING)
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 241 – Creating Secure Oracle DB Applications
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 256 – Creating Secure Code: Ruby on Rails Foundations
- COD 257 – Creating Secure Python Web Applications
- COD 258 – Creating Secure PHP Web Applications
- COD 259 – Node.js Threats & Vulnerabilities
- COD 285 – Developing Secure Angular Applications
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
- DES 225 – Applying OWASP 2017: Mitigating XML External Entities
- DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
- DES 232 – Mitigating OWASP 2021 Injection (NEW)
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
- DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- LAB 222 Defending Python Against SQL Injection (NEW)
- LAB 223 Defending Node.js Against SQL Injection (NEW)
- LAB 231 Defending Python Against XSS (NEW)
- LAB 233 Defending Node.js Against XSS (NEW)
- LAB 242 Defending Node.js Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
- LAB 243 Defending Python Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
- LAB 245 Defending Against Plaintext Password Storage (Node.js) (COMING SOON)
- LAB 246 Defending Against Weak AES ECB Mode Encryption (Node.js) (COMING SOON)
- LAB 247 Defending Against Weak PRNG (Node.js) (COMING SOON)
- LAB 248 Defending Against Parameter Tampering (Node.js) (COMING SOON)
- LAB 249 Defending Against Plaintext Password Storage (Python) (COMING SOON)
- LAB 252 Defending Against Weak AES ECB Mode Encryption (Python) (COMING SOON)
- LAB 253 Defending Against Weak PRNG (Python) (COMING SOON)
- LAB 254 Defending Against Parameter Tampering (Python) (COMING SOON)
- COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks
- COD 309 – Securing ASP.NET MVC Applications
- COD 352 – Creating Secure JavaScript and jQuery Code
- COD 361 – HTML5 Secure Threats
- COD 362 – HTML5 Built in Security Features
- COD 363- Securing HTML5 Data
- COD 364 – Securing HTML5 Connectivity
- COD 372 – Testing for OWASP 2017: Sensitive Data Exposure
- COD 373 – Testing for OWASP 2017: XML External Entities
- COD 376 – Testing for OWASP 2017: Cross Site Scripting (XSS)
- DES 311 – Creating Secure Application Architecture
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 301 Testing for Injection (NEW)
- SDT 303 Testing for Cryptographic Failures (NEW)
Learning Path Details
Number of Courses: 60
Total Duration: 18 hours
Total CPE Credits: 22