PCI Developer


The PCI learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for developing applications that process credit and debit card payments and/or any type of cardholder data.

The PCI Developer learning path provides learners with the tools required to meet the Payment Card Industry Data Security Standards (PCI DSS) for systems that transmit, process, and/or store cardholder data.

Courses provide a framework for:

  • Developing secure applications
  • Conducting effective test procedures
  • Adopting guidance for mitigating issues


  • Fundamentals of Application Security
  • Secure Software Concepts
  • Fundamentals of Secure Development
  • Fundamentals of Secure DB Development
  • Fundamentals of Secure Cloud Development
  • Fundamentals of Threat Modeling


  • PCI DSS v3.2 Best Practices for Developers
  • IoT Specialization Series (6)
  • Creating Secure Oracle Database Applications
  • Fundamentals of Cryptography Series (4)
  • Secure Enterprise Infrastructure Series (4)
  • Applying OWASP 2017 Mitigations Series (10)
  • Testing for Classic Buffer Overflow
  • Testing for Missing Authorization
  • Testing for Use of Hard-Coded Credentials
  • Testing for Missing Encryption of Sensitive Data
  • Testing for Unrestricted Upload of File with Dangerous Type
  • Testing for Reliance on Untrusted Inputs in a Security Decision
  • Testing for Execution with Unnecessary Privileges
  • Testing for Cross-Site Request Forgery
  • Testing for Download of Code Without Integrity Check
  • Testing for Inclusion of Functionality from Untrusted Control Sphere
  • Testing for Incorrect Permission Assignment for Critical Resource
  • Testing for Use of a Potentially Dangerous Function
  • Testing for Use of a Broken or Risky Cryptographic Algorithm
  • Testing for Open Redirect
  • Testing for Uncontrolled Format String


  • Fundamentals of Secure Architecture
  • Architecture Risk Analysis and Remediation
  • Creating Secure Application Architecture
  • Integrating the MS SDL into your SDLC Series (5)
  • How to Create Application Security Design Requirements
  • Attack Surface Analysis & Reduction
  • How to Perform a Security Code Review

Learning Path Details

Number of Courses: 53

Total Duration: 26 hours

Total CPE Credits: 31