Recommended Paths (Video and Hands On): Compliance

This article describes our Recommended Compliance Paths.

Easily meet and report on compliance goals with short, focused paths to make the most of your development team's valuable time.

Learners are rewarded with a certificate at the end of each path.

ISO 27001

ISO 27001 is an international standard for information security management that defines the security requirements for an information security management system (ISMS). (Video + Hands On)

Total Learning Path Duration: 4 hours

Secure Development Lifecycle

Secure Coding Best Practices: Part 1

Secure Coding Best Practices: Part 2

Broken Access Control (HackEDU)

Cryptographic Failures (HackEDU)

Command Injection (HackEDU)

Insecure Design (HackEDU)

Security Misconfiguration (HackEDU)

Vulnerable and Outdated Components (HackEDU)

Identification and Authentication Failures (HackEDU)

Software and Data Integrity Failures (HackEDU)

Security Logging and Monitoring Failures (HackEDU)

Server-Side Request Forgery (SSRF) (HackEDU)

CWE Top 25 | Part 1

CWE Top 25 | Part 2

CWE Top 25 | Part 3

CWE Top 25 | Part 4


OWASP Top 10 - Web Applications

Train on the OWASP Top 10 threats to web applications. (Video + Hands On)

Total Learning Path Duration: 4 hours and 42 minutes

OWASP Top 10 | Part 1

Broken Access Control (HackEDU)

Cryptographic Failures (HackEDU)

SQL Injection: Part 1 (HackEDU)

SQL Injection: Part 2 (HackEDU)

SQL Injection: Part 3 (HackEDU)

Reflected Cross-Site Scripting (XSS) (HackEDU)

DOM-Based Cross-Site Scripting (XSS) (HackEDU)

Stored Cross-Site Scripting (XSS) (HackEDU)

Command Injection (HackEDU)

OWASP Top 10 | Part 2

Insecure Design (HackEDU)

XML External Entities (XXE) (HackEDU)

Vulnerable and Outdated Components (HackEDU)

Identification and Authentication Failures (HackEDU)

OWASP Top 10 | Part 3

Software and Data Integrity Failures (HackEDU)

Security Logging and Monitoring Failures (HackEDU)

Server-Side Request Forgery (SSRF) (HackEDU)


PCI-DSS

Meet the developer training requirements to be PCI-DSS compliant. (Video + Hands On)

Total Learning Path Duration: 5 hours and 24 minutes

Security Requirements

Secure Development Lifecycle

Threat Modeling Basics

Intro to Secure Coding

Secure Coding Best Practices: Part 1

Secure Coding Best Practices: Part 2

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Vulnerability Scanning

Secure Coding Review | Part 1

Secure Coding Review | Part 2

OWASP Top 10 | Part 1

Broken Access Control (HackEDU)

Cryptographic Failures (HackEDU)

Command Injection (HackEDU)

OWASP Top 10 | Part 2

Identification and Authentication Failures (HackEDU)

OWASP Top 10 | Part 3

Security Logging and Monitoring Failures (HackEDU)

Server-Side Request Forgery (SSRF) (HackEDU)

Software Supply Chain

Secure the Release

Securing the Development Environment

Protecting your Code Repository


Security Awareness

Learn the fundamentals of cybersecurity and the techniques to protect yourself from cyber threats. (Video Only)

Total Learning Path Duration: 1 hour and 46 minutes

Awareness: Vocabulary

Awareness: Myths and Misconceptions

Awareness: Attackers

Awareness: Data Breach

Awareness: Data Security

Awareness: Human Factors

Awareness: Passwords

Awareness: Phishing 101

Awareness: Privacy

Awareness: Social Engineering

Awareness: Mobile Security

Awareness: Social Media

Awareness: SPAM or Scam

Awareness: Travel Security

Awareness: USB and Removable Devices


White House Executive Order

Meet training compliance in line with the requirements laid out in the White House Executive Order on Improving the Nation’s Cybersecurity. (Video Only)

Total Learning Path Duration: 1 hour and 36 minutes

Secure Coding Best Practices: Part 1

Secure Coding Best Practices: Part 2

Secure Design Principles | Part 1

Secure Design Principles | Part 2

Logging and Exception Handling

The Five Cloud Security Disciplines

Software Supply Chain

Privacy and Customer Data Protection