Security Journey

Our Business Learner Paths are designed for individuals involved in software development, such as product managers, UX designers, system admins, and QA engineers to help them support secure development efforts.

The Business Learner training content is organized into three progressive levels:

Business Learner Foundational: Introduces the basics of application security, such as the different types of security vulnerabilities, the importance of secure coding practices, and the role of security testing.

Business Learner Intermediate: Takes a deeper dive into application security, covering threat modeling, risk assessment, and security controls.

Business Learner Advanced: Covers cutting-edge application security topics, such as DevSecOps, secure design, and common weaknesses.

- Business Learner Foundational: Introduces the basics of application security, such as the different types of security vulnerabilities, the importance of secure coding practices, and the role of security testing.
- Business Learner Intermediate: Takes a deeper dive into application security, covering threat modeling, risk assessment, and security controls.
- Business Learner Advanced: Covers cutting-edge application security topics, such as DevSecOps, secure design, and common weaknesses.

Video Only | Total Learning Path Duration: 4 hours and 8 minutes

<a href="https://my.securityjourney.com/modules/820/lesson" rel="nofollow noopener noreferrer" target="_blank">Introduction to Security Journey</a>

<a href="https://my.securityjourney.com/modules/890/lesson" rel="nofollow noopener noreferrer" target="_blank">Introduction to Security</a>

<a href="https://my.securityjourney.com/modules/912/lesson" rel="nofollow noopener noreferrer" target="_blank">Core Security Concepts</a>

<a href="https://my.securityjourney.com/modules/892/lesson" rel="nofollow noopener noreferrer" target="_blank">Attacks</a>

<a href="https://my.securityjourney.com/modules/914/lesson" rel="nofollow noopener noreferrer" target="_blank">Attackers</a>

<a href="https://my.securityjourney.com/modules/902/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Landscape</a>

<a href="https://my.securityjourney.com/modules/920/lesson" rel="nofollow noopener noreferrer" target="_blank">The Hacker Mindset</a>

<a href="https://my.securityjourney.com/modules/897/lesson" rel="nofollow noopener noreferrer" target="_blank">Social Engineering</a>

<a href="https://my.securityjourney.com/modules/930/lesson" rel="nofollow noopener noreferrer" target="_blank">Security Myths</a>

<a href="https://my.securityjourney.com/modules/915/lesson" rel="nofollow noopener noreferrer" target="_blank">Security Culture and Mindset</a>

<a href="https://my.securityjourney.com/modules/919/lesson" rel="nofollow noopener noreferrer" target="_blank">Data Breaches</a>

<a href="https://my.securityjourney.com/modules/918/lesson" rel="nofollow noopener noreferrer" target="_blank">Security Business Case</a>

<a href="https://my.securityjourney.com/modules/894/lesson" rel="nofollow noopener noreferrer" target="_blank">Prioritizing Security</a>

<a href="https://my.securityjourney.com/modules/929/lesson" rel="nofollow noopener noreferrer" target="_blank">Translating Security</a>

<a href="https://my.securityjourney.com/modules/917/lesson" rel="nofollow noopener noreferrer" target="_blank">Risk Managment for AppSec</a>

<a href="https://my.securityjourney.com/modules/911/lesson" rel="nofollow noopener noreferrer" target="_blank">Privacy and Customer Data Protection</a>

<a href="https://my.securityjourney.com/modules/910/lesson" rel="nofollow noopener noreferrer" target="_blank">Dealing with Vulnerabilities </a>

<a href="https://my.securityjourney.com/modules/898/lesson" rel="nofollow noopener noreferrer" target="_blank">Security at Home</a>

<a href="https://my.securityjourney.com/modules/913/lesson" rel="nofollow noopener noreferrer" target="_blank">Tips for Secure Remote Work </a>

<a href="https://my.securityjourney.com/modules/891/lesson" rel="nofollow noopener noreferrer" target="_blank">OWASP Universe </a>

<a href="https://my.securityjourney.com/modules/916/lesson" rel="nofollow noopener noreferrer" target="_blank">Knowledge Sources </a>

<a href="https://my.securityjourney.com/modules/895/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Landscape: Cloud</a>

<a href="https://my.securityjourney.com/modules/893/lesson" rel="nofollow noopener noreferrer" target="_blank">IoT Threat Landscape</a>

<a href="https://my.securityjourney.com/modules/896/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure Development Lifecycle</a>

___________________________________________________________

Video Only | Total Learning Path Duration: 4 hours and 40 minutes

<a href="https://my.securityjourney.com/modules/800/lesson" rel="nofollow noopener noreferrer" target="_blank">Six Foundational Truths of Application Security</a>

<a href="https://my.securityjourney.com/modules/807/lesson" rel="nofollow noopener noreferrer" target="_blank">Security Requirements </a>

<a href="https://my.securityjourney.com/modules/774/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Modeling Basics</a>

<a href="https://my.securityjourney.com/modules/797/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Modeling Process</a>

<a href="https://my.securityjourney.com/modules/798/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Modeling Examples</a>

<a href="https://my.securityjourney.com/modules/775/lesson" rel="nofollow noopener noreferrer" target="_blank">Threat Modeling Manifesto</a>

<a href="https://my.securityjourney.com/modules/763/lesson" rel="nofollow noopener noreferrer" target="_blank">Input Validation</a>

<a href="https://my.securityjourney.com/modules/818/lesson" rel="nofollow noopener noreferrer" target="_blank">Output Encoding</a>

<a href="https://my.securityjourney.com/modules/767/lesson" rel="nofollow noopener noreferrer" target="_blank">Authentication Theory</a>

<a href="https://my.securityjourney.com/modules/768/lesson" rel="nofollow noopener noreferrer" target="_blank">Authorization Theory</a>

<a href="https://my.securityjourney.com/modules/773/lesson" rel="nofollow noopener noreferrer" target="_blank">Logging and Exception Handling</a>

<a href="https://my.securityjourney.com/modules/812/lesson" rel="nofollow noopener noreferrer" target="_blank">Cryptography</a>

<a href="https://my.securityjourney.com/modules/777/lesson" rel="nofollow noopener noreferrer" target="_blank">Software Supply Chain </a>

<a href="https://my.securityjourney.com/modules/790/lesson" rel="nofollow noopener noreferrer" target="_blank">OWASP Top 10 | Part 1</a>

<a href="https://my.securityjourney.com/modules/791/lesson" rel="nofollow noopener noreferrer" target="_blank">OWASP Top 10 | Part 2</a>

<a href="https://my.securityjourney.com/modules/792/lesson" rel="nofollow noopener noreferrer" target="_blank">OWASP Top 10 | Part 3</a>

<a href="https://my.securityjourney.com/modules/781/lesson" rel="nofollow noopener noreferrer" target="_blank">Injection: SQL and Command</a>

<a href="https://my.securityjourney.com/modules/819/lesson" rel="nofollow noopener noreferrer" target="_blank">Cross Site Request Forgery (CSRF)</a>

<a href="https://my.securityjourney.com/modules/804/lesson" rel="nofollow noopener noreferrer" target="_blank">Cross-Site Scripting (XSS) | Part 1</a>

<a href="https://my.securityjourney.com/modules/805/lesson" rel="nofollow noopener noreferrer" target="_blank">Cross-Site Scripting (XSS) | Part 2</a>

<a href="https://my.securityjourney.com/modules/776/lesson" rel="nofollow noopener noreferrer" target="_blank">Buffer Overflows and Remote Code Execution </a>

<a href="https://my.securityjourney.com/modules/778/lesson" rel="nofollow noopener noreferrer" target="_blank">Denial of Service (DoS)</a>

<a href="https://my.securityjourney.com/modules/799/lesson" rel="nofollow noopener noreferrer" target="_blank">Server-Side Request Forgery</a>

<a href="https://my.securityjourney.com/modules/815/lesson" rel="nofollow noopener noreferrer" target="_blank">Insecure Communication</a>

Video Only | Total Learning Path Duration: 4 hours and 57 minutes

<a href="https://my.securityjourney.com/modules/809/lesson" rel="nofollow noopener noreferrer" target="_blank">AppSec in an Agile World | Part 1</a>

<a href="https://my.securityjourney.com/modules/525/lesson" rel="nofollow noopener noreferrer" target="_blank">AppSec in an Agile World | Part 2</a>

<a href="https://my.securityjourney.com/modules/967/lesson" rel="nofollow noopener noreferrer" target="_blank">AppSec in a DevOps World</a>

<a href="https://my.securityjourney.com/modules/287/lesson" rel="nofollow noopener noreferrer" target="_blank">Security Behaviors for DevOps</a>

<a href="https://my.securityjourney.com/modules/780/lesson" rel="nofollow noopener noreferrer" target="_blank">Static Application Security Testing (SAST)</a>

<a href="https://my.securityjourney.com/modules/814/lesson" rel="nofollow noopener noreferrer" target="_blank">Dynamic Application Security Testing (DAST)</a>

<a href="https://my.securityjourney.com/modules/808/lesson" rel="nofollow noopener noreferrer" target="_blank">Vulnerability Scanning</a>

<a href="https://my.securityjourney.com/modules/816/lesson" rel="nofollow noopener noreferrer" target="_blank">Next Generation AppSec Tools</a>

<a href="https://my.securityjourney.com/modules/803/lesson" rel="nofollow noopener noreferrer" target="_blank">Penetration Testing and Bug Bounty</a>

<a href="https://my.securityjourney.com/modules/779/lesson" rel="nofollow noopener noreferrer" target="_blank">Thinking like a Penetration Tester</a>

<a href="https://my.securityjourney.com/modules/276/lesson" rel="nofollow noopener noreferrer" target="_blank">Intro to Secure Development</a>

<a href="https://my.securityjourney.com/modules/132/lesson" rel="nofollow noopener noreferrer" target="_blank">Designing a Secure App or Product</a>

<a href="https://my.securityjourney.com/modules/811/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure Design Principles | Part 1</a>

<a href="https://my.securityjourney.com/modules/817/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure Design Principles | Part 2</a>

<a href="https://my.securityjourney.com/modules/288/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure Design Principles in Action: Part 1</a>

<a href="https://my.securityjourney.com/modules/289/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure Design Principles in Action: Part 2</a>

<a href="https://my.securityjourney.com/modules/277/lesson" rel="nofollow noopener noreferrer" target="_blank">Intro to Secure Coding</a>

<a href="https://my.securityjourney.com/modules/277/lesson" rel="nofollow noopener noreferrer" target="_blank">Securing the Development Environment </a>

<a href="https://my.securityjourney.com/modules/281/lesson" rel="nofollow noopener noreferrer" target="_blank">Protecting your Code Repository </a>

<a href="https://my.securityjourney.com/modules/388/lesson" rel="nofollow noopener noreferrer" target="_blank">Secure the Release</a>

Foundational Business Learner

Video Only | Total Learning Path Duration: 4 hours and 8 minutes

Intermediate Business Learner

Video Only | Total Learning Path Duration: 4 hours and 40 minutes

Advanced: Business Learner

Video Only | Total Learning Path Duration: 4 hours and 57 minutes