Course Catalog / Learning Path / PCI Developer

PCI Developer

Overview

The PCI learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for developing applications that process credit and debit card payments and/or any type of cardholder data.

The PCI Developer learning path provides learners with the tools required to meet the Payment Card Industry Data Security Standards (PCI DSS) for systems that transmit, process, and/or store cardholder data.

Courses provide a framework for:

Developing secure applications
Conducting effective test procedures
Adopting guidance for mitigating issues

Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 68

Total Duration: 22 hours

Total CPE Credits: 26

The Courses

View All Courses Download Learning Path Catalog Download Course Catalog

Course Catalog / Learning Path / PCI Developer

PCI Developer

Overview

Learning Path Details

The Courses

DES 216 – Protecting Cloud Infrastructure (New)

COD 251 – Defending AJAX-Enabled Web Applications (NEW)

DES 218 – Protecting Microservices, Containers, and Orchestration (New)

DES 214 – Securing Infrastructure Architecture (NEW)

DES 215 – Defending Infrastructure (NEW)

COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes (NEW)

COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications (NEW)

COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data (NEW)

COD 246 – PCI DSS 3: Protecting Stored Cardholder Data (NEW)

COD 108 – Software Operations and Maintenance (NEW)

COD 107 – Secure Software Deployment (NEW)

COD 106 – The Importance of Software Integration and Testing (NEW)

COD 105 – Secure Software Development (NEW)

COD 104 – Designing Secure Software (NEW)

COD 103 – Creating Software Security Requirements (NEW)

COD 102 – The Role of Software Security (NEW)

TST 273 – Testing for Uncontrolled Format String (CWE-134)

TST 272 – Testing for Open Redirect (CWE-601)

TST 269 – Testing for Use of a Broken or Risky Cryptographic Algorithm (CWE-327)

TST 268 – Testing for Use of a Potentially Dangerous Function (CWE-676)

TST 267 – Testing for Incorrect Permission Assignment for Critical Resource (CWE-732)

TST 266 – Testing for Inclusion of Functionality from Untrusted Control Sphere (CWE-829)

TST 264 – Testing for Download of Code without Integrity Check (CWE-494)

TST 262 – Testing for Cross Site Request Forgery (CSRF): CWE-352

TST 261 – Testing for Execution with Unnecessary Privileges (CWE-250)

TST 260 – Testing for Reliance on Untrusted Inputs in a Security Decision (CWE-807)

TST 259 – Testing for Unrestricted Upload of File with Dangerous Type (CWE-434)

TST 258 – Testing for Missing Encryption of Sensitive Data (CWE-311)

TST 257 – Testing for Use of Hard-Coded Credentials (CWE-798)

TST 256 – Testing for Missing Authorization (CWE-862)

TST 253 – Testing for Classic Buffer Overflow (CWE-120)

ENG 312 – How to Perform a Security Code Review (Updated)

ENG 311 – Attack Surface Analysis & Reduction (Updated)

ENG 211 – How to Create Application Security Design Requirements (Updated)

ENG 205 – Fundamentals of Threat Modeling (Updated)

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool

ENG 194 – Implementing Microsoft SDL Line of Business

ENG 193 – Implementing the Microsoft SDL Optimization Model

ENG 192- Implementing the Agile Microsoft SDL

ENG 191 – Introduction to the Microsoft SDL

DES 311 – Creating Secure Application Architecture (Updated)

DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization

DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)

DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration

DES 226 – Applying OWASP 2017: Mitigating Broken Access Control

DES 225 – Applying OWASP 2017: Mitigating XML External Entities

DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure

DES 223 – Applying OWASP 2017: Mitigating Broken Authentication

DES 222 – Applying OWASP 2017: Mitigating Injection

DES 212 – Architecture Risk Analysis & Remediation (Updated)

DES 205 – Message Integrity Cryptographic Functions

DES 204 – Role of Cryptography in Application Development

DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing

DES 101 – Fundamentals of Secure Architecture (Updated)

COD 241 – Creating Secure Oracle DB Applications

COD 230 – Insecure IoT Firmware (UPDATED)

COD 229 – Insecure IoT Mobile Interface (UPDATED)

COD 228 – Insecure IoT Communications (UPDATED)

COD 227 – Insecure IoT Network Services (UPDATED)

COD 226 – Insecure IoT Authentication & Authorization (UPDATED)

COD 225 – Insecure IoT Web Interfaces (UPDATED)

COD 152 – Fundamentals of Secure Cloud Development (Updated)

COD 141 – Fundamentals of Database Security (Updated)

AWA 102 – Secure Software Concepts

AWA 101 – Fundamentals of Application Security (UPDATED)