Overview
The Web Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those responsible for the development of web applications or applications that are run over HTTP from a web server to a web browser.
The Web Developer Learning Path provides developers with a solid foundation of security features necessary to develop applications including:
- Responsive web design
- Enterprise integration
- How to protect data with security best practices
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- LAB 101 – Identifying Broken Access Control Vulnerabilities (NEW)
- LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities (NEW)
- LAB 103 – Identifying Broken User Authentication Vulnerabilities (NEW)
- LAB 104 – Identifying Business Logic Flaw Vulnerabilities (NEW)
- LAB 105 – Identifying Credential Dumping: Vulnerability Identification (NEW)
- LAB 106 – Identifying Cross-Site Scripting Vulnerabilities (NEW)
- LAB 107 – Identifying Injection Vulnerabilities (NEW)
- LAB 108 – Identifying Reverse Engineering Vulnerabilities (NEW)
- LAB 109 – Identifying Security Misconfiguration Vulnerabilities (NEW)
- LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification (NEW)
- COD 241 – Creating Secure Oracle DB Applications
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 255 – Creating Secure Code: Web API Foundations
- COD 256 – Creating Secure Code: Ruby on Rails Foundations
- COD 257 – Creating Secure Python Web Applications
- COD 258 – Creating Secure PHP Web Applications
- COD 259 – Node.js Threats & Vulnerabilities
- COD 261 – Threats to Scripts
- COD 262 – Fundamentals of Shell and Interpreted Language Security
- COD 285 – Developing Secure Angular Applications
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10 (NEW)
- DES 212 – Architecture Risk Analysis & Remediation
- DES 222 – Applying OWASP 2017: Mitigating Injection
- DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
- DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
- DES 225 – Applying OWASP 2017: Mitigating XML External Entities
- DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
- DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
- DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
- DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
- DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
- DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- COD 352 – Creating Secure JavaScript and jQuery Code
- COD 361 – HTML5 Secure Threats
- COD 362 – HTML5 Built in Security Features
- COD 363- Securing HTML5 Data
- COD 364 – Securing HTML5 Connectivity
- COD 370- Testing for OWASP 2017: Injection
- COD 371 – Testing for OWASP 2017: Broken Authentication
- COD 372 – Testing for OWASP 2017: Sensitive Data Exposure
- COD 373 – Testing for OWASP 2017: XML External Entities
- COD 374 – Testing for OWASP 2017: Broken Access Control
- COD 375 – Testing for OWASP 2017: Security Misconfiguration
- COD 376 – Testing for OWASP 2017: Cross Site Scripting (XSS)
- COD 377 – Testing for OWASP 2017: Insecure Deserialization
- COD 378 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities
- COD 379 – Testing for OWASP 2017: Insufficient Logging & Monitoring
- DES 311 – Creating Secure Application Architecture
- DSO 304 – Securing API Gateways in a DevSecOps Framework
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
Learning Path Details
Number of Courses: 66
Total Duration: 19 hours
Total CPE Credits: 23