Advanced Practices in Application Security

In this course, you’ll learn how to implement advanced application security practices by embedding security throughout the software development lifecycle (SDLC).

Interested in this course? Email us at [email protected]

Course curriculum

1. Segment 00: Welcome to the Course: Course Overview
2. Segment 01: Intro Video to Course
1. Segment 02: Chapter Introduction
2. Segment 03: Secure by Design Principles
3. Segment 04: Secure Coding Practices
4. Segment 05: Secure Configuration and Defaults
1. Segment 06: Prevention of OWASP Top 10
2. Segment 07: Stopping Insecure Design and Misconfiguration Failures
3. Segment 08: Defending Against Supply Chain Attacks and Logging Failures
1. Segment 09: Code Testing for Vulnerabilities
2. Segment 10: Testing an Application for Run-Time Vulnerabilities
3. Segment 11: Run-Time Protection
4. Segment 12: Reading - Foundations Section of the OWASP Developer Guide
5. Segment 13: Hands-On-Learning: Secure Coding Practices: Identifying and Fixing Vulnerable Code in GitHub Codespaces
6. Segment 14: Quiz - Secure Development and Code Security
1. Segment 15: Chapter Introduction
2. Segment 16: Threats vs Risks
3. Segment 17: Intro to Threat Modelling
4. Segment 18: Utilizing STRIDE For Threat Modelling
1. Segment 19: Threat Modelling with OWASP Threat Dragon
2. Segment 20: Using Attack Trees in Threat Modelling
3. Segment 21: Completing a Rapid Threat Modeling Prototyping (RTMP)
1. Segment 22: Risk Rating Using OWASP Risk Rating
2. Segment 23: CVSS Scoring for Vulnerability Management
3. Segment 24: Transforming Threats into Secure Designs
4. Segment 26: Reading - NIST Threat Modeling Guidelines
5. Segment 27: Hands-On-Learning: Attack Path Modeling: Creating Attack Trees with Deciduous
6. Segment 28: Quiz - Threat Modeling Best Practices
1. Segment 29: Chapter Introduction
2. Segment 30: Software Supply Chain Threat Landscape
3. Segment 31: Software Bill of Materials (SBOM) Fundamentals
4. Segment 32: Dependency Management and Open-Source Risk Assessment
1. Segment 33: SLSA Framework and Build Provenance
2. Segment 34: Artifact Integrity and Code Signing
3. Segment 35: Vendor Risk Assessment and Third-Party Security
1. Segment 36: Continuous Supply Chain Monitoring
2. Segment 37: Compliance and Regulatory Requirements
3. Segment 38: Supply Chain Incident Response and Recovery
4. Segment 39: Reading - Securing the Software Supply Chain
5. Segment 40: Hands-On-Learning: Software Supply Chain Security: SBOM Generation and Vulnerability Analysis with Syft and Grype
6. Segment 41: Quiz - Supply Chain Security
1. Segment 42: Chapter Introduction
2. Segment 43: Cloud-Native Security Fundamental
3. Segment 44: Container and Serverless Security
4. Segment 45: Cloud Security Automation and Infrastructure as Code (IaC) Security
1. Segment 46: Kubernetes Security Architecture and RBAC
2. Segment 47: Container and Registry Security
3. Segment 48: Runtime Protection and Behavioral Monitoring
1. Segment 49: Network Security and Micro-Segmentation
2. Segment 50: Secrets Management and Data Protection
3. Segment 51: Compliance and Governance in Cloud-Native Environments
4. Segment 52: Reading - CCM v4.0 Implementation Guidelines
5. Segment 53: Hands-On-Learning: Cloud-Native Security: Container Vulnerability Scanning and Security Reporting with Trivy
6. Segment 54: Project: Comprehensive Application Security Assessment: From Code to Container
7. Segment 55: Course Wrap-up Video
8. Segment 56: Quiz - Cloud Security and Container Security

About this course

Free
56 lessons
4 hours of video content

Discover your potential, starting today

Enroll today

Advanced Practices in Application Security

Course curriculum

Chapter 1: Introduction

Chapter 2: Building Security from the Ground Up

Chapter 3: OWASP Top 10 Prevention

Chapter 4: Application Security Testing and Protection

Chapter 5: Threat Modeling

Chapter 6: Utilizing Threat Modeling Tools

Chapter 7: Managing Findings from Threat Modeling

Chapter 8: Understanding the Software Supply Chain

Chapter 9: Collecting Artifacts and Understanding Risk

Chapter 10: Managing and Monitoring the Supply Chain

Chapter 11: Understanding Cloud and Container Fundamentals

Chapter 12: Understanding Container Security Practices

Chapter 13: Understanding Cloud Security Defenses

About this course

Discover your potential, starting today