
Automation Engineer

COURSE
Security Innovation
9 hrs

Introduces learners to the essential goals and controls needed to create secure software and manage risk in the software development lifecycle. Courses will also expose learners to cryptography, handling input and output, the consequences of the most common and most important application security weaknesses, and the mitigation of security vulnerabilities using common standards and frameworks.

Courses Include

  • ENG 110 Essential Account Management Security
  • ENG 113 Essential Secure Configuration Management
  • ENG 114 Essential Risk Assessment
  • ENG 119 Essential Security Audit and Accountability
  • ENG 120 Essential Assessment and Authorization
  • ENG 123 Essential Security Engineering Principles
  • ENG 124 Essential Application Protection
  • ENG 125 Essential Data Protection
  • DES 222-231 Applying OWASP 2017 Mitigations Series 
  • TST 252 Testing for OS Command Injection
  • TST 253 Testing for Classic Buffer Overflow
  • TST 255 Testing for Missing Authentication for Critical Function
  • TST 257 Testing for Use of Hard-Coded Credentials
  • TST 258 Testing for Missing Encryption of Sensitive Data
  • TST 259 Testing for Unrestricted Upload of File with Dangerous Type
  • TST 260 Testing for Reliance on Untrusted Inputs in a Security Decision
  • TST 261 Testing for Execution with Unnecessary Privileges
  • TST 264 Testing for Download of Code without Integrity Check
  • TST 266 Testing for Inclusion of Functionality from Untrusted Control Sphere
  • TST 267 Testing for Incorrect Permission Assignment for Critical Resource
  • TST 268 Testing for Use of a Potentially Dangerous Function
  • TST 269 Testing for Use of a Broken or Risky Cryptographic Algorithm
  • TST 270 Testing for Incorrect Calculation of Buffer Size
  • TST 271 Testing for Improper Restriction of Excessive Authentication Attempts
  • TST 272 Testing for Open Redirect
  • TST 273 Testing for Uncontrolled Format String
  • TST 275 Testing for Use of a One-Way Hash without a Salt

Learning

Core

  • Essential Account Management Security (interactive)
  • Essential Secure Configuration Management (interactive)
  • Essential Risk Assessment (interactive)
  • Essential Security Audit and Accountability (interactive)
  • Essential Assessment and Authorization (interactive)
  • Essential Security Engineering Principles (interactive)
  • Essential Application Protection (interactive)
  • Essential Data Protection (interactive)
  • Applying OWASP 2017: Mitigating Injection (interactive)
  • Applying OWASP 2017: Mitigating Broken Authentication (interactive)
  • Applying OWASP 2017: Mitigating Sensitive Data Exposure (interactive)
  • Applying OWASP 2017: Mitigating Sensitive Data Exposure (interactive)
  • Applying OWASP 2017: Mitigating Broken Access Control (interactive)
  • Applying OWASP 2017: Mitigating Security Misconfiguration (interactive)
  • Applying OWASP 2017: Mitigating Cross Site Scripting (XSS) (interactive)
  • Applying OWASP 2017: Mitigating Insecure Deserialization (interactive)
  • Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities (interactive)
  • Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities (interactive)
  • Testing for OS Command Injection (interactive)
  • Testing for Classic Buffer Overflow (interactive)
  • Testing for Missing Authentication for Critical Function (interactive)
  • Testing for Use of Hard-Coded Credentials (interactive)
  • Testing for Missing Encryption of Sensitive Data (interactive)
  • Testing for Unrestricted Upload of File with Dangerous Type (interactive)
  • Testing for Reliance on Untrusted Inputs in a Security Decision (interactive)
  • Testing for Execution with Unnecessary Privileges (interactive)
  • Testing for Download of Code without Integrity Check (interactive)
  • Testing for Inclusion of Functionality from Untrusted Control Sphere (interactive)
  • Testing for Incorrect Permission Assignment for Critical Resource (interactive)
  • Testing for Use of a Potentially Dangerous Function (interactive)
  • Testing for Use of a Broken or Risky Cryptographic Algorithm (interactive)
  • Testing for Incorrect Calculation of Buffer Size (interactive)
  • Testing for Improper Restriction of Excessive Authentication Attempts (interactive)
  • Testing for Open Redirect (interactive)
  • Testing for Uncontrolled Format String (interactive)
  • Testing for Use of a One-Way Hash without a Salt (interactive)