Design and Development (DD) Archives

LAB 351 – Defending TypeScript Applications Against Cross-Site Scripting (NEW)

15 Minutes

0.3 CPE

LAB 348 – Defending C++ Applications Against Null Pointer Dereference (NEW)

15 Minutes

0.3 CPE

LAB 355 – Defending C Applications Against Stack-based Buffer Overflow (NEW)

15 Minutes

0.3 CPE

LAB 353 – Defending TypeScript Applications Against Improper Authentication (NEW)

15 Minutes

0.3 CPE

LAB 354 – Defending Go Applications Against Improper Authentication (NEW)

15 Minutes

0.3 CPE

LAB 350 – Defending Go Applications Against SQL Injection (NEW)

15 Minutes

0.3 CPE

LAB 352 – Defending Go Applications Against Cross-Site Scripting (NEW)

15 Minutes

0.3 CPE

DES 270 – Mitigating OWASP Mobile Top 10 Risks (NEW)

30 Minutes

0.6 CPE

LAB 349 – Defending TypeScript Applications Against SQL Injection (NEW)

15 Minutes

0.3 CPE

COD 325 – Protecting Data in C# for .NET Core (NEW)

30 Minutes

0.6 CPE

COD 310 – Securing ASP.NET Core Applications (NEW)

20 Minutes

0.4 CPE

LAB 340 – Defending C Applications Against Use After Free

15 Minutes

0.3 CPE

DES 250 – Secure Software Acceptance and Deployment

25 Minutes

0.5 CPE

LAB 341 – Defending C++ Applications Against Use After Free

15 Minutes

0.3 CPE

LAB 347 – Defending C Applications Against Null Pointer Dereference

15 Minutes

0.3 CPE

LAB 329 – Defending Go Applications Against SSRF

15 Minutes

0.3 CPE

LAB 333 – Defending Go Applications Against Hard-coded Credentials

15 Minutes

0.3 CPE

LAB 338 – Defending Go Applications Against CSRF

15 Minutes

0.3 CPE

LAB 339 – Defending Go Applications Against Path Traversal

15 Minutes

0.3 CPE

LAB 342 – Defending TypeScript Applications Against Command Injection

15 Minutes

0.3 CPE

LAB 343 – Defending Go Applications Against Command Injection

15 Minutes

0.3 CPE

LAB 344 – Defending TypeScript Applications Against Incorrect Authorization

15 Minutes

0.3 CPE

LAB 345 – Defending Go Applications Against Incorrect Authorization

15 Minutes

0.3 CPE

LAB 346 – Defending TypeScript Applications Against Deserialization of Untrusted

15 Minutes

0.3 CPE

API 351 – Securing Kubernetes in the Build and Release Stages

25 Minutes

0.5 CPE

LAB 327 – Defending C Applications Against Path Traversal

5 Minutes

.25 CPE

LAB 328 – Defending C++ Applications Against Path Traversal

5 Minutes

.25 CPE

COD 268 – Mitigating TypeScript Application Vulnerabilities

30 Minutes

.5 CPE

DES 364 – Mitigating Low-Code/No-Code Authentication and Secure Communication Failures

20 Minutes

.5 CPE

COD 304 – Principles of C++ Memory Safety

25 Minutes

.5 CPE

COD 305 – C++ Secure Memory Management

30 Minutes

.5 CPE

COD 306 – C++ Memory Safety: Debugging Tools and Techniques

20 Minutes

.5 CPE

LAB 206 – Defending Python Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 207 – Defending Node.js Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 208 – Defending C# Applications Against XPath Injection

5 Minutes

.1 CPE

COD 215 – Mitigating .NET Application Vulnerabilities

25 Minutes

.5 CPE

LAB 301 – Defending Java Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 302 – Defending Python Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 303 – Defending C# Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 304 – Defending Node.js Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 305 – Defending Java Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 306 – Defending Python Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 307 – Defending C# Applications Against Weak Password Reset

5 Minutes

0.25 CPE

LAB 308 – Defending Node.js Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 309 – Defending TypeScript Applications Against Unrestricted Upload of File with Dangerous Type

5 Minutes

.25 CPE

LAB 314 – Defending TypeScript Applications Against SSRF

5 Minutes

.25 CPE

LAB 316 – Defending TypeScript Applications Against Hard-coded Credentials

5 Minutes

.25 CPE

LAB 320 – Defending TypeScript Applications Against Code Injection

5 Minutes

.25 CPE

LAB 325 – Defending TypeScript Applications Against CSRF

5 Minutes

.25 CPE

LAB 326 – Defending TypeScript Applications Against Path Traversal

5 Minutes

.25 CPE

LAB 287 – Defending Java Applications Against Null Pointer Dereference

10 Minutes

.25 CPE

LAB 288 – Defending C# Applications Against Null Pointer Dereference

10 Minutes

.25 CPE

LAB 289 – Defending Java Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 290 – Defending Python Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 291 – Defending Node.js Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 292 – Defending C# Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 293 – Defending Java Applications Against Integer Overflow

10 Minutes

.25 CPE

LAB 294 – Defending C# Applications Against Integer Overflow

10 Minutes

.25 CPE

API 251 – Implementing Web Application and API Protection (WAAP)

35 Minutes

0.75 CPE

DES 361 – Mitigating LCNC (Low-Code/No-Code) Account Impersonation

20 Minutes

.5 CPE

DES 362 – Mitigating LCNC (Low-Code/No-Code) Authorization Misuse

20 Minutes

.5 CPE

LAB 201 – Defending Java Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 202 – Defending Python Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 203 – Defending C# Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 204 – Defending Node.js Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 205 – Defending Java Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 275 – Defending Java Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 276 – Defending Python Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 277 – Defending Node.js Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 278 – Defending C# Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 279 – Defending Java Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 280 – Defending Python Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 281 – Defending Node.js Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 282 – Defending C# Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 283 – Defending Java Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 284 – Defending Python Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 285 – Defending Node.js Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 286 – Defending C# Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 137 – Identifying Improper Authorization

5 Minutes

0.25 CPE

LAB 138 – Identifying Authorization Bypass Through User-Controlled Key

5 Minutes

0.25 CPE

LAB 139 – Identifying Use of a Key Past its Expiration Date

5 Minutes

0.25 CPE

CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT

40 Minutes

0.75 CPE

ENG 320 – Using Software Composition Analysis (SCA) to Secure Open-Source Components

20 Minutes

0.5 CPE

LAB 212 – Defending Python Applications Against Credentials in Code Medium

10 Minutes

.25 CPE

LAB 213 – Defending Node.js Applications Against Credentials in Code Medium

10 Minutes

.25 CPE

LAB 214 – Defending C# Applications Against Credentials in Code Medium

10 Minutes

.25 CPE

LAB 215 – Defending Java Applications Against Business Logic Error for Input Validation

10 Minutes

.25 CPE

LAB 216 – Defending Python Applications Against Business Logic Error for Input Validation

10 Minutes

.25 CPE

LAB 217 – Defending Node.js Applications Against Business Logic Error for Input Validation

10 Minutes

.25 CPE

LAB 218 – Defending C# Applications Against Business Logic Error for Input Validation

10 Minutes

.25 CPE

LAB 224 – Defending Java Applications Against Forceful Browsing

10 Minutes

.25 CPE

LAB 225 – Defending Python Applications Against Forceful Browsing

10 Minutes

.25 CPE

LAB 226 – Defending Node.js Applications Against Forceful Browsing

10 Minutes

.25 CPE

LAB 227 – Defending C# Applications Against Forceful Browsing

10 Minutes

.25 CPE

LAB 133 – Identifying Exposure of Sensitive Information Through Environmental Variables

5 Minutes

0.25 CPE

LAB 134 – Identifying Plaintext Storage of a Password

5 Minutes

0.25 CPE

LAB 135 – Identifying URL Redirection to Untrusted Site

5 Minutes

0.25 CPE

LAB 136 – Identifying Improper Neutralization of Script in Attributes in a Web Page

5 Minutes

0.25 CPE

DES 219 – Securing Google’s Firebase Platform

60 Minutes

1.25 CPE

DES 261 – Securing Serverless Environments

20 Minutes

.5 CPE

LAB 131 – Identifying Improper Restriction of XML External Entity Reference

5 Minutes

0.25 CPE

LAB 132 – Identifying Exposed Services

5 Minutes

0.25 CPE

LAB 263 – Defending Java Applications Against Sensitive Information in Log Files

10 Minutes

.25 CPE

LAB 264 – Defending Python Applications Against Sensitive Information in Log Files

10 Minutes

.25 CPE

LAB 265 – Defending Node.js Applications Against Sensitive Information in Log Files

10 Minutes

.25 CPE

LAB 266 – Defending C# Applications Against Sensitive Information in Log Files

10 Minutes

.25 CPE

LAB 267 – Defending Java Applications Against Deserialization of Untrusted Data

10 Minutes

.25 CPE

LAB 268 – Defending Python Applications Against Deserialization of Untrusted Data

10 Minutes

.25 CPE

LAB 269 – Defending Node.js Applications Against Deserialization of Untrusted Data

10 Minutes

.25 CPE

LAB 270 – Defending C# Applications Against Deserialization of Untrusted Data

10 Minutes

.25 CPE

LAB 271 – Defending Java Applications Against SSRF

10 Minutes

.25 CPE

LAB 272 – Defending Python Applications Against SSRF

10 Minutes

.25 CPE

LAB 273 – Defending Node.js Applications Against SSRF

10 Minutes

.25 CPE

LAB 274 – Defending C# Applications Against SSRF

10 Minutes

.25 CPE

LAB 211 – Defending Java Applications Against Credentials in Code Medium

10 Minutes

.25 CPE

LAB 229 – Defending Java Applications Against Weak PRNG

10 Minutes

0.25 CPE

LAB 247 – Defending Node.js Applications Against Weak PRNG

10 Minutes

0.25 CPE

LAB 253 – Defending Python Applications Against Weak PRNG

10 Minutes

0.25 CPE

DES 314 – Hardening the Docker Engine

15 Minutes

0.25 CPE

API 214 – Mitigating APIs Improper Asset Management

15 Minutes

0.25 CPE

ICS 310 – Protecting Information and System Integrity in Industrial Control System Environments

15 Minutes

0.25 CPE

API 213 – Mitigating APIs Mass Assignment

15 Minutes

0.25 CPE

LAB 127 – Identifying Security Logging and Monitoring Failures

5 Minutes

0.25 CPE

LAB 128 – Identifying Unverified Password Change

5 Minutes

0.25 CPE

LAB 129 – Identifying Error Message Containing Sensitive Information

5 Minutes

0.25 CPE

LAB 130 – Identifying Generation of Predictable Numbers or Identifiers

5 Minutes

0.25 CPE

LAB 236 – Defending Java Applications Against Sensitive Information in Error Messages

10 Minutes

0.25 CPE

LAB 260 – Defending C# Applications Against Sensitive Information in Error Messages

10 Minutes

0.25 CPE

LAB 261 – Defending Python Applications Against Sensitive Information in Error Messages

10 Minutes

0.25 CPE

LAB 262 – Defending Node.js Applications Against Sensitive Information in Error Messages

10 Minutes

0.25 CPE

API 250 – Controlling Access to the Kubernetes API

20 Minutes

.5 CPE

DES 313 – Hardening a Kubernetes Cluster

20 Minutes

0.5 CPE

CYB 250 – Cyber Threat Hunting: Tactics, Techniques, and Procedures (TTP)

20 Minutes

0.5 CPE

LAB 111 – Identifying Server-Side Request Forgery

5 Minutes

0.25 CPE

LAB 124 – Identifying Horizontal Privilege Escalation

5 Minutes

0.25 CPE

LAB 125 – Identifying Buffer Overflow

5 Minutes

0.25 CPE

LAB 126 – Identifying Information Leakage

5 Minutes

0.25 CPE

LAB 250 – Defending C# Applications Against Parameter Tampering

10 Minutes

0.25 CPE

LAB 234 – Defending Java Applications Against Parameter Tampering

10 Minutes

0.25 CPE

LAB 248 – Defending Node.js Applications Against Parameter Tampering

10 Minutes

0.25 CPE

LAB 254 – Defending Python Applications Against Parameter Tampering

10 Minutes

0.25 CPE

LAB 251 – Defending C# Applications Against Plaintext Password Storage

10 Minutes

0.25 CPE

LAB 235 – Defending Java Applications Against Plaintext Password Storage

10 Minutes

0.25 CPE

LAB 245 – Defending Node.js Applications Against Plaintext Password Storage

10 Minutes

0.25 CPE

LAB 249 – Defending Python Applications Against Plaintext Password Storage

10 Minutes

0.25 CPE

LAB 238 – Defending C# Applications Against Weak AES ECB Mode Encryption

10 Minutes

0.25 CPE

LAB 228 – Defending Java Applications Against Weak AES ECB Mode Encryption

10 Minutes

0.25 CPE

LAB 246 – Defending Node.js Applications Against Weak AES ECB Mode Encryption

10 Minutes

0.25 CPE

LAB 252 – Defending Python Applications Against Weak AES ECB Mode Encryption

10 Minutes

0.25 CPE

LAB 239 – Defending C# Applications Against Weak PRNG

10 Minutes

0.25 CPE

SDT 310 – Testing for Security Logging and Monitoring Failures

10 Minutes

0.25 CPE

LAB 113 – Identifying Cryptographic Failures

5 Minutes

0.25 CPE

LAB 121 – Identifying Vulnerable and Outdate Components

5 Minutes

0.25 CPE

LAB 122 – Identifying Insecure APIs

5 Minutes

0.25 CPE

LAB 123 – Identifying Vertical Privilege Escalation

5 Minutes

0.25 CPE

LAB 221 – Defending C# Applications Against SQL Injection

10 Minutes

0.25 CPE

LAB 222 – Defending Python Applications Against SQL Injection

10 Minutes

0.25 CPE

LAB 223 – Defending Node.js Applications Against SQL Injection

10 Minutes

0.25 CPE

LAB 240 – Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities

10 Minutes

0.25 CPE

LAB 241 – Defending C# Applications Against eXternal XML Entity (XXE) Vulnerabilities

10 Minutes

0.25 CPE

LAB 242 – Defending Node.js Applications Against eXternal XML Entity (XXE) Vulnerabilities

10 Minutes

0.25 CPE

LAB 243 – Defending Python Applications Against eXternal XML Entity (XXE) Vulnerabilities

10 Minutes

0.25 CPE

LAB 244 – Defending Java Applications Against Security Misconfiguration

12 Minutes

0.25 CPE

LAB 615 – ATT&CK: Updating Vulnerable Java Web Application Server Software

12 Minutes

0.25 CPE

LAB 623 – ATT&CK: Exploiting Vulnerable Java Web Application Server Software

12 Minutes

0.25 CPE

LAB 624 – ATT&CK: Exploiting Java Web Application Server Misconfiguration

12 Minutes

0.25 CPE

DES 209 – Authentication and Lifecycle Management

15 Minutes

0.25 CPE

API 211 – Mitigating APIs Broken Object Level Authorization

15 Minutes

0.25 CPE

LAB 630 – ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes

15 Minutes

0.25 CPE

DES 232 – Mitigating OWASP 2021 Injection

12 Minutes

0.25 CPE

DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures

12 Minutes

0.25 CPE

DES 234 – Mitigating OWASP 2021 Cryptographic Failures

12 Minutes

0.25 CPE

DES 235 – Mitigating OWASP 2021 Insecure Design

12 Minutes

0.25 CPE

DES 236 – Mitigating OWASP 2021 Broken Access Control

12 Minutes

0.25 CPE

DES 237 – Mitigating OWASP 2021 Security Misconfiguration

12 Minutes

0.25 CPE

DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)

12 Minutes

0.25 CPE

DES 239 – Mitigating OWASP 2021 Software and Data Integrity Failures

12 Minutes

0.25 CPE

DES 240 – Mitigating OWASP 2021 Vulnerable and Outdated Components

12 Minutes

0.25 CPE

DES 241 – Mitigating OWASP 2021 Security Logging and Monitoring Failures

12 Minutes

0.25 CPE

SDT 301 – Testing for Injection

10 Minutes

0.25 CPE

SDT 302 – Testing for Identification and Authentication Failures

10 Minutes

0.25 CPE

SDT 303 – Testing for Cryptographic Failures

10 Minutes

0.25 CPE

SDT 304 – Testing for Insecure Design

10 Minutes

0.25 CPE

SDT 305 – Testing for Broken Access Control

10 Minutes

0.25 CPE

SDT 306 – Testing for Security Misconfiguration

10 Minutes

0.25 CPE

SDT 307 – Testing for Server-Side Request Forgery (SSRF)

10 Minutes

0.25 CPE

SDT 308 – Testing for Software and Data Integrity Failures

10 Minutes

0.25 CPE

SDT 309 – Testing for Vulnerable and Outdated Components

10 Minutes

0.25 CPE

DES 207 – Mitigating OWASP API Security Top 10

15 Minutes

0.25 CPE

DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing

15 Minutes

0.25 CPE

DES 217 – Securing Terraform Infrastructure and Resources

20 Minutes

.5 CPE

LAB 114 – Identifying Cookie Tampering

5 Minutes

0.25 CPE

LAB 115 – Identifying Reflective XSS

5 Minutes

0.25 CPE

LAB 116 – Identifying Forceful Browsing

5 Minutes

0.25 CPE

LAB 117 – Identifying Hidden Form Field

5 Minutes

0.25 CPE

LAB 118 – Identifying Weak File Upload Validation

5 Minutes

0.25 CPE

LAB 119 – Identifying Persistent XSS

5 Minutes

0.25 CPE

LAB 120 – Identifying XML Injection

5 Minutes

0.25 CPE

LAB 220 – Defending Against Hard-Coded Secrets

5 Minutes

0.25 CPE

LAB 230 – Defending Java Applications Against XSS

15 Minutes

0.25 CPE

LAB 231 – Defending Python Applications Against XSS

15 Minutes

0.25 CPE

LAB 232 – Defending C# Applications Against XSS

15 Minutes

0.25 CPE

LAB 233 – Defending Node.js Applications Against XSS

15 Minutes

0.25 CPE

LAB 237 – Defending Java Applications Against SQL Injection

20 Minutes

0.5 CPE

LAB 621 – ATT&CK: Password Cracking

5 Minutes

0.25 CPE

LAB 622 – ATT&CK: Exploiting Windows File Sharing Server with External Remote Services

20 Minutes

0.5 CPE

COD 319 – Preventing Vulnerabilities in Android Code in Java

30 Minutes

.6 CPE

COD 384 – Protecting Java from Information Disclosure

8 Minutes

.25 CPE

COD 385 – Preventing Race Conditions in Java Code

8 Minutes

.25 CPE

COD 386 – Preventing Integer Overflows in Java Code

8 Minutes

.25 CPE

COD 324 – Protecting C# from XML Injection

8 Minutes

.25 CPE

SDT 317 – Testing for Improper Control of Generation of Code

10 Minutes

0.25 CPE

SDT 318 – Testing for Insufficiently Protected Credentials

10 Minutes

.25 CPE

SDT 319 – Testing for Out-of-bounds Read

10 Minutes

.25 CPE

SDT 322 – Testing for Improper Privilege Management

10 Minutes

.25 CPE

SDT 324 – Testing for Improper Restriction of Operations within the Bounds of a Memory Buffer

10 Minutes

.25 CPE

SDT 325 – Testing for NULL Pointer Dereference

10 Minutes

.25 CPE

SDT 326 – Testing for Use After Free

10 Minutes

.25 CPE

CYB 301 – Fundamentals of Ethical Hacking

15 Minutes

.25 CPE

SDT 320 – Testing for Out-of-bounds Write

10 Minutes

.25 CPE

SDT 321 – Testing for Uncontrolled Resource Consumption

10 Minutes

.25 CPE

DSO 256 – DevSecOps in the Google Cloud Platform

20 Minutes

0.5 CPE

DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening

12 Minutes

0.25 CPE

DSO 304 – Securing API Gateways in a DevSecOps Framework

20 Minutes

0.5 CPE

DSO 302 – Automated Security Testing

20 Minutes

0.5 CPE

COD 285 – Developing Secure Angular Applications

30 Minutes

.5 CPE

COD 286 – Creating Secure React User Interfaces

10 Minutes

.25 CPE

COD 366 – Creating Secure Kotlin Applications

20 Minutes

.5 CPE

DES 312 – Protecting Cardholder Data

20 Minutes

0.5 CPE

DSO 306 – Implementing Infrastructure as Code

20 Minutes

.5 CPE

DSO 307 – Secure Secrets Management

20 Minutes

0.5 CPE

ENG 212 – Implementing Secure Software Operations

20 Minutes

0.5 CPE

COD 315 – Preventing Vulnerabilities in iOS Code in Swift

20 Minutes

.5 CPE

DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords

12 Minutes

0.25 CPE

DES 282 – OWASP IoT2: Mitigating Insecure Network Services

12 Minutes

0.25 CPE

DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces

12 Minutes

0.25 CPE

DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism

12 Minutes

0.25 CPE

DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components

12 Minutes

0.25 CPE

DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection

12 Minutes

0.25 CPE

DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage

12 Minutes

0.25 CPE

DES 288 – OWASP IoT8: Mitigating Lack of Device Management

12 Minutes

0.25 CPE

DES 289 – OWASP IoT9: Mitigating Insecure Default Settings

12 Minutes

0.25 CPE

DES 306 – Creating a Secure Blockchain Network

20 Minutes

0.5 CPE

DSO 253 – DevSecOps in the AWS Cloud

20 Minutes

0.5 CPE

DSO 254 – DevSecOps in the Azure Cloud

20 Minutes

0.5 CPE

ENG 352 – Categorizing Systems and Information within the RMF

10 Minutes

0.25 CPE

ENG 353 – Selecting, Implementing and Assessing Controls within the RMF

20 Minutes

0.5 CPE

ENG 354 – Authorizing and Monitoring System Controls within the RMF

20 Minutes

0.5 CPE

COD 284 – Secure Java Coding

30 Minutes

.5 CPE

ENG 150 – Meeting Confidentiality, Integrity, and Availability

30 Minutes

.5 CPE

COD 214 – Creating Secure GO Applications

30 Minutes

0.5 CPE

COD 267 – Securing Python Microservices

30 Minutes

0.5 CPE

COD 383 – Protecting Java Backend Services

30 Minutes

0.5 CPE

COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks

45 Minutes

1 CPE

COD 309 – Securing ASP.NET MVC Applications

20 Minutes

0.4 CPE

ENG 251 – Risk Management Foundations

20 Minutes

0.5 CPE

ENG 351 – Preparing the Risk Management Framework

20 Minutes

0.5 CPE

TST 205 – Performing Vulnerability Scans

45 Minutes

1 CPE

COD 251 – Defending AJAX-Enabled Web Applications

25 Minutes

.5 CPE

COD 258 – Creating Secure PHP Web Applications

30 Minutes

0.5 CPE

DES 255 – Securing the IoT Update Process

30 Minutes

0.5 CPE

TST 101 – Fundamentals of Security Testing

20 Minutes

0.5 CPE

SDT 316 – Testing for Use of Hard-Coded Credentials

15 Minutes

.25 CPE

SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type

15 Minutes

.25 CPE

SDT 313 – Testing for (CSRF) Cross Site Request Forgery

15 Minutes

.25 CPE

SDT 312 – Testing for (Path Traversal) Improper Limitation of a Pathname to a Restricted Directory

15 Minutes

.25 CPE

SDT 315 – Testing for Incorrect Permission Assignment for Critical Resource

15 Minutes

.25 CPE

SDT 311 – Testing for Integer Overflow or Wraparound

15 Minutes

.25 CPE

COD 102 – Challenges in Application Security

10 Minutes

0.25 CPE

COD 103 – Creating Software Security Requirements

10 Minutes

0.25 CPE

COD 104 – Designing Secure Software

15 Minutes

0.25 CPE

COD 105 – Secure Software Development

20 Minutes

0.5 CPE

COD 106 – The Importance of Software Integration and Testing

15 Minutes

0.25 CPE

COD 107 – Secure Software Deployment

10 Minutes

0.25 CPE

COD 108 – Software Operations and Maintenance

10 Minutes

0.25 CPE

COD 246 – PCI DSS Requirement 3: Protecting Stored Cardholder Data

20 Minutes

.5 CPE

COD 247 – PCI DSS Requirement 4: Encrypting Transmission of Cardholder Data

15 Minutes

.25 CPE

COD 248 – PCI DSS Requirement 6: Develop and Maintain Secure Systems and Applications

15 Minutes

.25 CPE

COD 249 – PCI DSS Requirement 11: Regularly Test Security Systems and Processes

15 Minutes

.25 CPE

COD 265 – Secure Python Scripting

15 Minutes

0.25 CPE

COD 266 – Secure Ruby Scripting

15 Minutes

0.25 CPE

ENG 117 – Essential Information Security Program Planning

15 Minutes

0.25 CPE

ENG 120 – Essential Security Assessment & Authorization

15 Minutes

0.25 CPE

ENG 123 – Essential Security Engineering Principles

15 Minutes

0.25 CPE

ENG 124 – Essential Application Protection

15 Minutes

0.25 CPE

ENG 126 – Essential Security Maintenance Policies

15 Minutes

0.25 CPE

ENG 191 – Introduction to the Microsoft SDL

25 Minutes

0.5 CPE

ENG 192 – Implementing the Agile Microsoft SDL

20 Minutes

0.5 CPE

ENG 193 – Implementing the Microsoft SDL Optimization Model

12 Minutes

0.25 CPE

ENG 194 – Implementing Microsoft SDL Line of Business

20 Minutes

0.5 CPE

ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool

20 Minutes

0.5 CPE

ENG 205 – Fundamentals of Threat Modeling

45 Minutes

1 CPE

ENG 312 – How to Perform a Security Code Review

30 Minutes

0.5 CPE

COD 363 – Securing HTML5 Data

20 Minutes

0.5 CPE

COD 364 – Securing HTML5 Connectivity

20 Minutes

0.5 CPE

COD 380 – Preventing SQL Injection in Java

8 Minutes

.25 CPE

COD 381 – Preventing Path Traversal Attacks in Java

8 Minutes

.25 CPE

COD 382 – Protecting Data in Java

30 Minutes

.5 CPE

DES 101 – Fundamentals of Secure Architecture

20 Minutes

0.5 CPE

DES 202 – Cryptographic Suite Services: Encoding, Encrypting & Hashing

45 Minutes

1 CPE

 Home/  Course Catalog/ NICE Work Roles/Design and Development (DD)

Courses

Training

Solutions

About