Course Content

Module 1: Lab Setup

06:48
1.1 Intro
05:28
1.2 Lab Setup
13:14
1.3 BurpSuite
03:17
1.4 Mutillidae

Module 2: Injections

01:27
2.1 Intro
12:08
2.2 Explanations
03:24
2.3 SQL Injection Demo
02:37
2.4 Command Injection Demo
06:58
2.5 JSON Injection Demo
06:30
2.6 Defenses
02:43
2.7 Lab Solution

Module 3: Session Management

01:13
3.1 Intro
14:13
3.2 Explanations
03:58
3.3 CookieManipulation Demo
11:41
3.4 Username Enum Demo
06:00
3.5 BruteForce Demo
05:35
3.6 Defenses
02:15
3.7 Lab Solution 1
02:54
3.8 Lab Solutions 2
03:03
3.9 Lab Solutions 3

Module 4: Cross Site Scripting

01:14
4.1 Intro
10:27
4.2 Explanations
05:23
4.3 Reflected XSS HTML context Demo
10:44
4.4 Reflected XSS JS context Demo
06:34
4.5 Stored Demo
13:57
4.6 Defenses
04:44
4.7 Lab Solutions 1
02:57
4.8 Lab Solutions 2

Module 5: Direct Object Reference

01:12
5.1 Intro
12:37
5.2 Explanations
07:28
5.3 IDOR files tokens Demo
04:23
5.4 IDOR urls tokens Demo
07:44
5.5 Defenses
02:44
5.6 Lab Solutions

Module 6: Security Configuration

01:23
6.1 Intro
08:40
6.2 Explanations
05:05
6.3 Dir Demo
05:32
6.4 XXE Demo
07:54
6.5 User Agent Demo
08:58
6.6 Defenses
01:55
6.7 Lab Solutions

Module 7: Sensitive Data Exposure

01:29
7.1 Intro
10:02
7.2 Explanations
02:45
7.3 Comments Demo
05:18
7.4 HiddenPages Demo
08:41
7.5 HTML5 Web Storage Demo
11:42
7.6 Defenses

Module 8: Function Level Access

01:08
8.1 Intro
13:30
8.2 Explanations
03:32
8.3 Role Demo
06:46
8.4 Defenses
05:31
8.5 Missing FL AC Lab

Module 9: Cross-site Request Forgery

01:05
9.1 Intro
07:28
9.2 Explanations
07:35
9.3 CSRF JS Demo
06:45
9.4 Entropy Demo
07:05
9.5 CSRF Defenses
05:25
9.6 CSRF Lab Solution
01:09
9.7 Intro
05:40
9.8 Explanations
04:51
9.9 Libraries & CVSS Demo
04:31
9.10 Defenses
04:28
9.11 WebGoat Library CVSS Lab
00:59
9.12 Intro
04:06
9.13 Explanations
05:25
9.14 Unvalidated URLs Demo
04:29
9.15 Defenses
04:00
9.16 JS redirect Lab
01:06
9.17 Intro
11:43
9.18 Explanations
09:49
9.19 Classic BufferOverflow Demo
04:46
9.20 Defenses
05:19
9.21 WebGoat BO OffByOne Lab
01:09
9.22 Intro
08:55
9.23 Explanations
03:51
9.24 FileUpload Demo
07:22
9.25 Defenses
04:56
9.26 WebGoat FileUpload Lab
01:16
9.27 Intro
06:54
9.28 Explanations
02:50
9.29 Risky Resource Mgmt Demo
11:59
9.30 Defenses
04:22
9.31 Lab Defenses
01:06
9.32 Intro
11:45
9.33 Explanations
02:19
9.34 JS Validation Bypass Demo
06:02
9.35 Defenses
06:57
9.36 HTTP Response Splitting Lab
00:57
9.37 Intro
12:58
9.38 Explanations
03:54
9.39 Lab
01:00
9.40 Intro
08:16
9.41 Explanations
01:23
9.42 Intro
25:50
9.43 Explanations
10:20
9.44 Card Game Demo
00:00
9.45 Secure Coding

Course Description

What is secure coding? The practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities.

Why do I need this certification? By identifying the insecure coding practices that lead to errors and educating developers on secure alternatives, you can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment.

What will I learn? Best practices of secure coding

Key Topics:

Lab tools
Active defenses
Threat modeling

Get your Secure Coding Certification Today:

One of the biggest struggles in the field of application security is trying to convince customers and clients to pay attention to the security of public-facing sites that do not transmit sensitive data. Secure coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities. Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors. By identifying the insecure coding practices that lead to these errors and educating developers on secure alternatives, organizations can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment.

Knowing the principles behind secure coding, as taught in the Secure Coding Micro Certification course, carries a variety of benefits to individuals and employees who are writing code and building applications or software products. Those taking this course are introduced to the primary best practices of Secure Coding, including lab tools, active defenses and threat modelling.

Provided By

Cybrary

Course Components

On Demand Videos to learn from industry leaders
Assessments to gauge understanding and comprehension

Certificate of Completion

Complete this entire course to earn a Secure Coding Certificate of Completion