Course Catalog / Learning Path / Web Developer

Web Developer

Overview

The Web Developer learning path includes a variety of  security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for the development of web applications or applications that are run over HTTP from a web server to a web browser.

The Web Developer Learning Path provides developers with a solid foundation of security features necessary to develop applications including:

  • Responsive web design
  • Enterprise integration
  • How to protect data with security best practices

Core

  • Fundamentals of Application Security
  • Secure Software Concepts
  • Fundamentals of Secure Development
  • Fundamentals of Secure AJAX Code
  • Threats to Scripts
  • Fundamentals of Secure Scripting
  • Fundamentals of Threat Modeling

Advanced

  • Creating Secure Oracle Database Applications
  • Creating Secure AJAX Code – Java Foundations
  • Creating Secure Code – Web API Foundations
  • Creating Secure Code – Ruby on Rail Foundations
  • Creating Secure Python Web Applications
  • Node.js Threats and Vulnerabilities
  • Secure Scripting with Perl, Python, Bash, and Ruby
  • Protecting Sensitive Data while Scripting
  • Creating Secure PHP Code
  • Creating Secure jQuery Code
  • Creating Secure HTML5 Foundations Series (2)
  • Fundamentals of Cryptography Series (4)
  • Applying OWASP 2017 Mitigations Series (10)
  • Testing for OWASP 2017 Mitigations Series (10)

Elite

  • Fundamentals of Secure Architecture
  • Architecture Risk Analysis and Remediation
  • Creating Secure Application Architecture
  • Integrating the MS SDL into your SDLC Series (5)
  • How to Create Application Security Design Requirements
  • Attack Surface Analysis & Reduction
  • How to Perform a Security Code Review
Ready to Demo? Questions about learning paths? Contact Us!

Learning Path Details

Number of Courses: 55

Total Duration: 27 hours

Total CPE Credits: 32

The Courses

View All Courses     Download Learning Path Catalog     Download Course Catalog

TST 231 – Testing for OWASP 2017: Insufficient Logging & Monitoring

10 Minutes
Advanced

TST 230 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities

10 Minutes
Advanced

TST 229 – Testing for OWASP 2017: Insecure Deserialization

10 Minutes
Advanced

TST 228 – Testing for OWASP 2017: Cross Site Scripting (XSS)

15 Minutes
Advanced

TST 227 – Testing for OWASP 2017: Security Misconfiguration

10 Minutes
Advanced

TST 226 – Testing for OWASP 2017: Broken Access Control

10 Minutes
Advanced

TST 225 – Testing for OWASP 2017: XML External Entities

10 Minutes
Advanced

TST 224 – Testing for OWASP 2017: Sensitive Data Exposure

12 Minutes
Advanced

TST 223 – Testing for OWASP 2017: Broken Authentication

12 Minutes
Advanced

TST 222 – Testing for OWASP 2017: Injection

15 Minutes
Advanced

ENG 312 – How to Perform a Security Code Review

60 Minutes
Elite

ENG 311 – Attack Surface Analysis & Reduction

60 Minutes
Elite

ENG 211 – How to Create Application Security Design Requirements

60 Minutes
Advanced

ENG 205 – Fundamentals of Threat Modeling

60 Minutes
Advanced

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool

20 Minutes
Core

ENG 194 – Implementing Microsoft SDL Line of Business

20 Minutes
Core

ENG 193 – Implementing the Microsoft SDL Optimization Model

25 Minutes
Core

ENG 192- Implementing the Agile Microsoft SDL

20 Minutes
Core

Creating Secure Application Architecture

120 Minutes
Advanced

Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Insecure Deserialization

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Broken Access Control

12 Minutes
Advanced

Applying OWASP 2017: Mitigating XML External Entities

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Sensitive Data Exposure

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Broken Authentication

12 Minutes
Advanced

Applying OWASP 2017: Mitigating Injection

12 Minutes
Advanced

Architecture Risk Analysis & Remediation

60 Minutes
Advanced

Message Integrity Cryptographic Functions

45 Minutes
Advanced

Role of Cryptography in Application Development

15 Minutes
Advanced

Cryptographic Components: Randomness, Algorithms, and Key Management

15 Minutes
Advanced

Cryptographic Suite Services: Encoding, Encrypting & Hashing

45 Minutes

Fundamentals of Secure Architecture

60 Minutes
Core

COD 381 – Protecting Java Code: Canonicalization, Information Disclosure and TOCTOU

25 Minutes
Elite

COD 380 – Protecting Java Code: SQLi & Integer Overflows

10 Minutes
Elite

Securing HTML5 Connectivity

20 Minutes
Elite

Securing HTML5 Data

20 Minutes
Elite

COD 362 – HTML5 Built in Security Features

20 Minutes
Elite

COD 361 – HTML5 Secure Threats

15 Minutes
Elite

COD 352 – Creating Secure jQuery Code

90 Minutes
Elite

Creating Secure PHP Code

120 Minutes
Elite

Protecting Sensitive Data while Scripting

30 Minutes
Advanced

Secure Scripting with Perl, Python, Bash and Ruby

30 Minutes
Advanced

Fundamentals of Secure Scripting

30 Minutes
Advanced

Threats to Scripts

30 Minutes
Advanced

Node.js Threats & Vulnerabilities

30 Minutes
Advanced

Creating Secure Python Web Applications

45 Minutes
Advanced

Creating Secure Code -Ruby on Rails Foundations

90 Minutes
Advanced

Creating Secure Code – Web API Foundations

120 Minutes
Advanced

Creating Secure AJAX Code – Java Foundations

35 Minutes
Advanced

Creating Secure Oracle DB Applications

45 Minutes
Advanced

Fundamentals of Secure Ajax Code

35 Minutes
Core

Fundamentals of Secure Development

60 Minutes
Core

Secure Software Concepts

30 Minutes
Core

Fundamentals of Application Security

60 Minutes
Core