Overview
The Automation Engineer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced or elite paths. It is designed for those who design, program, simulate and test automated machinery and processes in order to complete exact tasks.
Course topics include:
- Essential goals and controls needed to create secure software
- Managing risk in the software development lifecycle
- Cryptography, handling input and output
- OWASP Top Ten
- ENG 110 – Essential Account Management Security
- ENG 113 – Essential Secure Configuration Management
- ENG 114 – Essential Risk Assessment
- ENG 119 – Essential Security Audit & Accountability
- ENG 120 – Essential Security Assessment & Authorization
- ENG 123 – Essential Security Engineering Principles
- ENG 124 – Essential Application Protection
- ENG 125 – Essential Data Protection
- DES 209 Authentication and Lifecycle Management (NEW)
- DES 232 – Mitigating OWASP 2021 Injection (NEW)
- DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures (NEW)
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
- DES 235 Mitigating OWASP 2021 Insecure Design (NEW)
- DES 236 Mitigating OWASP 2021 Broken Access Control (NEW)
- DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
- DES 238 Mitigating OWASP 2021 Server-Side Request Forgery (SSRF) (NEW)
- DES 239 Mitigating OWASP 2021 Software and Data Integrity Failures (NEW)
- DES 240 Mitigating OWASP 2021 Vulnerable and Outdated Components (NEW)
- DES 241 Mitigating OWASP 2021 Security Logging and Monitoring Failures (NEW)
- DSO 211 – Identifying Threats to Containers in a DevSecOps Framework
- ENG 251 – Risk Management Foundations
- DSO 302- Automated Security Testing
- DSO 303 – Automating Security Updates
- DSO 306 – Implementing Infrastructure as Code
- ENG 351 – Preparing the Risk Management Framework
- ICS 310 Protecting Information and System Integrity in Industrial Control System Environments
- SDT 301 Testing for Injection (NEW)
- SDT 302 Testing for Identification and Authentication Failures (NEW)
- SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
- SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource
- SDT 316- Testing for Use of Hard-Coded Credentials
Learning Path Details
Number of Courses: 31
Total Duration: 7 hours
Total CPE Credits: 9