Close

Training
- Overview
- CMD+CTRL Training Overview
- Courses
- Cyber Range
  - Overview
  - Features
  - Reporting
  - Suite
  - Modes
  - Customer Success
  - Get Started
Services
Solutions
Resources
- Guides & Case Studies
- Webinars
Blog
About
- Company Overview
- Ed TALKS
- Partners
- Community
- Clients
- Leadership
- Careers
- News
- Contact
Let’s Talk

Training
Services
Solutions
Resources
- Guides & Case Studies
- Webinars
Blog
About
- Company Overview
- Ed TALKS
- Partners
- Community
- Clients
- Leadership
- Careers
- News
- Contact
Let’s Talk

Security Courses Overview
Course Features
Learning Paths
Course Previews
Course Catalog

Course Catalog / Learning Path / Engineer

Engineer

Overview

Core
Advanced
Elite

AWA 101 – Fundamentals of Application Security
AWA 102 – Secure Software Concepts
COD 102 – The Role of Software Security
COD 103 – Creating Software Security Requirements
COD 104 – Designing Secure Software
COD 105 – Secure Software Development
COD 106 – The Importance of Software Integration and Testing
COD 107 – Secure Software Deployment
COD 108 – Software Operations and Maintenance
COD 110 – Fundamentals of Secure Mobile Development
COD 141 – Fundamentals of Database Security
DES 101 – Fundamentals of Secure Architecture
DES 151 – Fundamentals of the PCI Secure SLC Standard
ENG 110 – Essential Account Management Security
ENG 113 – Essential Secure Configuration Management
ENG 114 – Essential Risk Assessment
ENG 115 – Essential System & Information Integrity
ENG 117 – Essential Information Security Program Planning
ENG 118 – Essential Incident Response
ENG 119 – Essential Security Audit & Accountability
ENG 120 – Essential Security Assessment & Authorization
ENG 121 – Essential Identification & Authentication
ENG 123 – Essential Security Engineering Principles
ENG 124 – Essential Application Protection
ENG 125 – Essential Data Protection
ENG 150 – Meeting Confidentiality, Integrity, and Availability
ENG 151 – Fundamentals of Privacy Protection
ENG 191 – Introduction to the Microsoft SDL
LAB 101 – Identifying Broken Access Control Vulnerabilities
LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities
LAB 103 – Identifying Broken User Authentication Vulnerabilities
LAB 104 – Identifying Business Logic Flaw Vulnerabilities
LAB 105 – Identifying Credential Dumping: Vulnerability Identification
LAB 106 – Identifying Cross-Site Scripting Vulnerabilities
LAB 107 – Identifying Injection Vulnerabilities
LAB 108 – Identifying Reverse Engineering Vulnerabilities
LAB 109 – Identifying Security Misconfiguration Vulnerabilities
LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification
TST 101 – Fundamentals of Security Testing

ATK 201 – Using the MITRE ATT&CK Framework
COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes
COD 252 – Securing Google Platform Applications & Data
COD 261 – Threats to Scripts
COD 262 – Fundamentals of Shell and Interpreted Language Security
COD 263 – Secure Bash Scripting
COD 264 – Secure Perl Scripting
COD 265 – Secure Python Scripting
COD 266 – Secure Ruby Scripting
COD 287 – Java Application Server Hardening
DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing
DES 203 – Cryptographic Components: Randomness, Algorithms, and Key Management
DES 204 – Role of Cryptography in Application Development
DES 205 – Message Integrity Cryptographic Functions
DES 206 – Meeting Cloud Governance and Compliance Requirements
DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing
DES 210 – Hardening Linux/Unix Systems
DES 212 – Architecture Risk Analysis & Remediation
DES 214 – Securing Infrastructure Architecture
DES 215 – Defending Infrastructure
DES 216 – Protecting Cloud Infrastructure
DES 217 – Securing Terraform Infrastructure and Resources
DES 218 – Protecting Microservices, Containers, and Orchestration
DES 222 – Applying OWASP 2017: Mitigating Injection
DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
DES 225 – Applying OWASP 2017: Mitigating XML External Entities
DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
DES 255 – Securing the IoT Update Process
DES 260 – Fundamentals of IoT Architecture & Design
DES 272 – OWASP M2: Mitigating Insecure Data Storage
DES 282 – OWASP IoT2: Mitigating Insecure Network Services
DES 288 – OWASP IoT8: Mitigating Lack of Device Management
DES 289 – OWASP IoT9: Mitigating Insecure Default Settings
DSO 201 – Fundamentals of Secure DevOps
DSO 205 – Securing the COTS Supply Chain
DSO 206 – Securing the Open Source Supply Chain
DSO 211 – Identifying Threats to Containers in a DevSecOps Framework
DSO 253 – DevSecOps in the AWS Cloud
DSO 254 – DevSecOps in the Azure Cloud
DSO 256 – DevSecOps in the Google Cloud Platform
ENG 205 – Fundamentals of Threat Modeling
ENG 211 – How to Create Application Security Design Requirements
ENG 251 – Risk Management Foundations
TST 202 – Penetration Testing Fundamentals
TST 205 – Performing Vulnerability Scans
TST 206 – ASVS Requirements for Developers

COD 370- Testing for OWASP 2017: Injection
COD 371 – Testing for OWASP 2017: Broken Authentication
COD 372 – Testing for OWASP 2017: Sensitive Data Exposure
COD 373 – Testing for OWASP 2017: XML External Entities
COD 374 – Testing for OWASP 2017: Broken Access Control
COD 375 – Testing for OWASP 2017: Security Misconfiguration
COD 376 – Testing for OWASP 2017: Cross Site Scripting (XSS)
COD 377 – Testing for OWASP 2017: Insecure Deserialization
COD 378 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities
COD 379 – Testing for OWASP 2017: Insufficient Logging & Monitoring
COD 383 – Protecting Java Backend Services
CYB 301 – Fundamentals of Ethical Hacking
DES 305 – Protecting Existing Blockchain Assets
DES 306 – Creating a Secure Blockchain Network
DES 311 – Creating Secure Application Architecture
DSO 301 – Orchestrating Secure System and Service Configuration
DSO 302- Automated Security Testing
DSO 303 – Automating Security Updates
DSO 304 – Securing API Gateways in a DevSecOps Framework
DSO 305 – Automating CI/CD Pipeline Compliance
DSO 306 – Implementing Infrastructure as Code
ENG 311 – Attack Surface Analysis & Reduction
ENG 312 – How to Perform a Security Code Review
ENG 351 – Preparing the Risk Management Framework
ENG 352 – Categorizing Systems and Information within the RMF
ENG 353 – Selecting, Implementing and Assessing Controls within the RMF
ENG 354 – Authorizing and Monitoring System Controls within the RMF
SDT 311 – Testing for Integer Overflow or Wraparound
SDT 312 – Testing for (Path Traversal) Improper Limitation of a Pathname to a Restricted Directory
SDT 313 – Testing for (CSRF) Cross Site Request Forgery
SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource
SDT 316- Testing for Use of Hard-Coded Credentials
SDT 317 – Testing for Improper Control of Generation of Code
SDT 318 – Testing for Insufficiently Protected Credentials
SDT 319 – Testing for Out-of-bounds Read
SDT 320 – Testing for Out-of-bounds Write
SDT 321 – Testing for Uncontrolled Resource Consumption
SDT 322 – Testing for Improper Privilege Management
SDT 323 – Testing for Improper Input Validation
SDT 325 – Testing for NULL Pointer Dereference
SDT 326 – Testing for Use After Free
TST 301 – Infrastructure Penetration Testing
TST 302 – Application Penetration Testing
TST 303 – Penetration Testing for Google Cloud Platform
TST 304 – Penetration Testing for AWS Cloud
TST 305 – Penetration Testing for Azure Cloud
TST 351 – Penetration Testing for TLS Vulnerabilities
TST 352 – Penetration Testing for Injection Vulnerabilities
TST 353 – Penetration Testing for SQL Injection
TST 354 – Penetration Testing for Memory Corruption Vulnerabilities
TST 355 – Penetration Testing for Authorization Vulnerabilities
TST 356 – Penetration Testing for Cross-Site Scripting (XSS)
TST 357 – Penetration Testing for Hardcoded Secrets
TST 358 – Penetration Testing Wireless Networks
TST 359 – Penetration Testing Network Infrastructure
TST 360 – Penetration Testing for Authentication Vulnerabilities

Learning Path Details

Number of Courses: 94

Total Duration:

Total CPE Credits:

Training
Services
Solutions
Resources
Blog
About
Let’s Talk

Offices

Headquarters - Boston, MA
187 Ballardvale Street, Suite A195
Wilmington, MA 01887
Phone: +1.877.839.7598
Sales: 1.877.839.7598 x1
Support: 1.877.839.7598 x2
Email: Support
Email: PR

Pune, India
516 World Trade Center - Tower 2
Kharadi, Pune, MH 411014
Phone: +91 820 840 1411
Email: India Sales

Seattle, WA
1511 3rd Ave #808
Seattle, WA 98101

Copyright © 2022 Security Innovation, Inc. All Rights Reserved Privacy Policy