Core

Advanced

Elite

Elective

Overview

The Secure Developer – Core Learning Path introduces application security’s fundamental and primary drivers. The curriculum provides individuals with an understanding of the importance of secure software development while preparing them to perform at the organizational level. Learners will gain in-depth knowledge of security principles, attacks, tools, and processes to develop secure software. By introducing the OWASP Top 10, learners are prepared to identify the most critical web application security risks, appropriately address those vulnerabilities, and prevent software flaws that enable cyberattacks.

Upon successful completion of this path, you will have the knowledge and skills to:

  • Define the value of having secure applications
  • Integrate secure software development practices into all phases of the software development lifecycle
  • Explain the anatomy of an application attack
  • Apply best practices to protect all components of the software
  • Identify and mitigate the most common application security risks
  • Implement a security strategy based on your organization’s risk
  • Produce well-secured software

NOTE: This Learning Path is considered principal to all Elite Secure Developer Learning Paths. Learn and Skill labs are elective training modules that help transform concepts into tangible skills through hands-on, realistic examples of real-world threat scenarios.

Overview

The Secure Developer – Advanced Learning Path explores different models, standards, frameworks, and security concepts that you can use to understand security issues and improve the security posture of your applications. The curriculum provides individuals with an understanding of how to ensure security is part of software design. Learners will gain in-depth knowledge of security practices that must be considered within every phase of the development lifecycle to help secure software applications and data. By introducing the DevSecOps philosophies, learners are prepared to focus on time saving but effective techniques that maximize security resources all while shortening system development lifecycles and providing continuous delivery of high-quality software.

Upon successful completion of this path, you will have the knowledge and skills to:

  • Use NIST and MITRE ATT&CK security frameworks to identify and categorize potential threats
  • Identify and apply relevant cryptographic technologies to secure applications and data
  • Apply techniques to remove architecture weak spots and avoid vulnerability propagation
  • Implement a zero-trust architecture
  • Create a threat model for application scenarios
  • Manage identities, privileges, and secrets securely
  • Understand, create, and articulate security requirements as part of a software requirement document
  • Determine which types of automated tests should be performed at various stages of the SDLC

NOTE: This Learning Path is considered principal to all Elite Secure Developer Learning Paths. Learn and Skill labs are elective training modules that help transform concepts into tangible skills through hands-on, realistic examples of real-world threat scenarios.

Overview

The Elite Secure Developer –C Learning Path includes a variety of security courses designed to provide a solid understanding of security features required to develop secure code that integrates into operating systems, operating system modules, embedded systems, or low-level libraries for other high-level languages. The curriculum covers key application security concepts including memory management and string handling.

Upon successful completion of this path, you will have the knowledge and skills to:

  • Implement secure communications for C programming
  • Protect applications from attack using run-time protection
  • Mitigate C specific security flaws

NOTE: This Learning Path is considered tertiary to Core and Advanced Secure Developer Learning Paths. Learn and Skill labs are elective training modules that help transform concepts into tangible skills through hands-on, realistic examples of real-world threat scenarios.

Overview

Learning paths may include elective course content that is not required to complete SI-CSC certification exams successfully. These additional courses are suggested based on alignment with the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. To understand how courses map to compliance standards, view the Course Compliance Matrix.

Learning Journey Details

Number of Courses: 7

Number of Labs: 1

Total Duration: 3 hours

Total CPE Credits: 3