Overview
The PHP learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed to provide PHP developers with a solid foundation of security features necessary to develop server-side web application logic.
The PHP learning path offers secure coding best practices to develop back-end web services connection components and support front-end, developers. Learners will be able to apply these security best practices to the entire web application development life cycle from concept stage to delivery and post-launch.
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts (UPDATED)
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 256 – Creating Secure Code: Ruby on Rails Foundations
- COD 258 – Creating Secure PHP Web Applications
- COD 259 – Node.js Threats & Vulnerabilities
- COD 261 – Threats to Scripts
- COD 262 – Fundamentals of Shell and Interpreted Language Security
- COD 263 – Secure Bash Scripting
- COD 264 – Secure Perl Scripting
- COD 265 – Secure Python Scripting
- COD 266 – Secure Ruby Scripting
- COD 281 – Java Security Model
- COD 283 – Java Cryptography
- COD 284 – Secure Java Coding
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 232 – Mitigating OWASP 2021 Injection (NEW)
- DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures (NEW)
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
- DES 235 Mitigating OWASP 2021 Insecure Design (NEW)
- DES 236 Mitigating OWASP 2021 Broken Access Control (NEW)
- DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
- DES 238 Mitigating OWASP 2021 Server-Side Request Forgery (SSRF) (NEW)
- DES 239 Mitigating OWASP 2021 Software and Data Integrity Failures (NEW)
- DES 240 Mitigating OWASP 2021 Vulnerable and Outdated Components (NEW)
- DES 241 Mitigating OWASP 2021 Security Logging and Monitoring Failures (NEW)
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- LAB 223 Defending Node.js Applications Against SQL Injection (NEW)
- LAB 228 Defending Java Applications Against Weak AES ECB Mode Encryption (NEW)
- LAB 229 Defending Java Applications Against Weak PRNG (NEW)
- LAB 230 Defending Java Applications Against XSS (NEW)
- LAB 233 Defending Node.js Applications Against XSS (NEW)
- LAB 234 Defending Java Applications Against Parameter Tampering (NEW)
- LAB 235 Defending Java Applications Against Plaintext Password Storage (NEW)
- LAB 236 Defending Java Applications Against Sensitive Information in Error Messages
- LAB 237 Defending Java Applications Against SQL Injection (NEW)
- LAB 240 Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
- LAB 242 Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
- LAB 244 Defending Java Applications Against Security Misconfiguration (NEW)
- LAB 245 Defending Node.js Applications Against Plaintext Password Storage (NEW)
- LAB 246 Defending Node.js Applications Against Weak AES ECB Mode Encryption (NEW)
- LAB 247 Defending Node.js Applications Against Weak PRNG (NEW)
- LAB 248 Defending Node.js Applications Against Parameter Tampering (NEW)
- LAB 262 Defending Node.js Applications Against Sensitive Information in Error Messages
- COD 361 – HTML5 Secure Threats
- COD 362 – HTML5 Built in Security Features
- COD 363- Securing HTML5 Data
- COD 364 – Securing HTML5 Connectivity
- DES 311 – Creating Secure Application Architecture
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 301 Testing for Injection (NEW)
- SDT 302 Testing for Identification and Authentication Failures (NEW)
- SDT 304 Testing for Insecure Design (NEW)
- SDT 305 Testing for Broken Access Control (NEW)
- SDT 306 Testing for Security Misconfiguration (NEW)
- SDT 307 Testing for Server-Side Request Forgery (SSRF) (NEW)
- SDT 308 Testing for Software and Data Integrity Failures (NEW)
- SDT 309 Testing for Vulnerable and Outdated Components (NEW)
- SDT 310 Testing for Security Logging and Monitoring Failures (NEW)
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
Learning Path Details
Number of Courses: 75
Number of Labs: 25
Total Duration: 22 hours
Total CPE Credits: 26