DEV522: Defending Web Applications Security Essentials

DEV522: Defending Web Applications Security Essentials is intended for anyone tasked with implementing, managing, or protecting web applications. It is particularly well suited to application security analysts, developers, application architects, pen testers, auditors who are interested in recommending proper mitigations for web security issues, and infrastructure security professionals who have an interest in better defending their web applications.

Learn More

DEV531: Defending Mobile Applications Security Essentials

DEV531: Defending Mobile Applications Security Essentials covers the most prevalent mobile app risks, including those from the OWASP Mobile Top 10. Students will participate numerous hands-on exercises available in both the Android and iOS platforms. Each exercise is designed to reinforce the lessons learned throughout the course, ensuring that you understand how to properly defend your organization's mobile applications.

Learn More

DEV534: Secure DevOps: A Practical Introduction

This course, Secure DevOps: A Practical Introduction (DEV534) explains the fundamentals of DevOps, and how DevOps teams can build and deliver secure software. It will explain the principles and practices and tools in DevOps and how they can be leveraged to improve the reliability, integrity and security of systems.

Learn More

Secure Coding

DEV541: Secure Coding in Java/JEE: Developing Defensible Applications

This is a comprehensive course covering a huge set of skills and knowledge. It is not a high-level theory course. It is about real programming. In this course you will examine actual code, work with real tools, build applications, and gain confidence in the resources you need for the journey to improving the security of Java applications.

Learn More

DEV543: Secure Coding in C & C++

Even though C and, to a lesser extent, C++ are well understood languages, the flexibility of the language and inconsistencies in the standard C libraries have led to an enormous number of discovered vulnerabilities over the years. The unfortunate truth is that there are probably more undiscovered vulnerabilities than there are known vulnerabilities!

Learn More

DEV544: Secure Coding in .NET: Developing Defensible Applications

Rather than focusing on traditional web attacks from the attacker's perspective, this class will show developers first how to think like an attacker, and will then focus on the latest defensive techniques specific to the ASP.NET environment. The emphasis of the class is a hands-on examination of the practical aspects of securing .NET applications during development.

Learn More


SEC542: Web App Penetration Testing and Ethical Hacking

In this intermediate-to-advanced level class, you will learn the art of exploiting web applications so you can find flaws in your enterprise's web apps before the bad guys do. Through detailed, hands-on exercises and training from a seasoned professional, you will be taught the four-step process for web application penetration testing. Inject SQL into back-end databases and learn how attackers exfiltrate sensitive data. Utilize cross-site scripting attacks to dominate a target infrastructure in our unique hands-on laboratory environment. You will also explore various other web app vulnerabilities in-depth with tried-and-true techniques for finding them using a structured testing regimen. By learning the tools and methods of the attacker, you can be a powerful defender.

Learn More

SEC642: Advanced Web App Penetration Testing and Ethical Hacking

This course is designed to teach you the advanced skills and techniques required to test web applications today. This advanced pen testing course uses a combination of lecture, real-world experiences, and hands-on exercises to educate the you in the techniques used to test the security of enterprise applications. The final day of the course culminates in a Capture the Flag (CtF) event, which tests the knowledge you will have acquired the previous five days.

Learn More


HOSTED: Certified Secure Software Lifecycle Professional (CSSLP®) CBK® Training Seminar

The (ISC)2 5-day CSSLP CBK Education Program is the exclusive way to learn security best practices and industry standards for the software lifecycle - critical information to a CSSLP. This is where you will learn tools and processes on how security should be built into each phase of the software lifecycle. It will also detail security measures that need to take place beginning with the requirement phase, through software design all the way through software testing and ultimately disposal.

Learn More