{"title":"Software Application Security","description":null,"products":[{"product_id":"secdevops-practitioner®-sdop-certification-training","title":"SecDevOps Practitioner® (SDOP) Certification Training","description":"\u003cdiv\u003e\u003cp\u003eThis \u003cstrong\u003eSecDevOps Practitioner®\u003c\/strong\u003e (SDOP) Certification Training follows the SecDevOps foundational practice in Course 3695, SecDevOps Foundation® (SDOF) Certification Training. While the foundation course provides a basic understanding and outlines the roadmap for implementation, this practitioner-level class adds a range of techniques for a more comprehensive understanding of SecDevOps. This includes achieving optimum outcomes by designing the right pipeline architecture, creating an effective team, and establishing best-practice processes.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eSecDevOps Practitioner® (SDOP) Certification Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this SDOP Certification training, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for the DevOps Institute SecDevOps Practitioner Certification (SDOP) with the world’s first accredited SecDevOps Practitioner course.\u003c\/li\u003e\n\u003cli\u003eEstablish SecDevOps maturity guidance for people processes and technology.\u003c\/li\u003e\n\u003cli\u003eImplement and optimize typical pipeline tools to improve CI\/CD\/CC results.\u003c\/li\u003e\n\u003cli\u003eGather effective metrics to streamline, verify, and tune pipeline operations.\u003c\/li\u003e\n\u003cli\u003eFollow architectural best practices, including immutable infrastructure and high observability.\u003c\/li\u003e\n\u003cli\u003eLeverage experimentation to achieve highly effective automated security protection.\u003c\/li\u003e\n\u003cli\u003eImprove team performance following the leadership-at-all-levels approach.\u003c\/li\u003e\n\u003cli\u003eCase studies, group collaborations, and practical hands-on exercises using specific pipeline tools are included.\u003c\/li\u003e\n\u003cli\u003eReceive official certification from the DevOps Institute (DOI).\u003c\/li\u003e\n\u003cli\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSDOP Certification Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eSecDevOps Foundational certification (SDOF) is expected, or DevOps Foundational certification or DevSecOps Foundational certification. Related courses include:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearning Tree Course 3695, SecDevOps Foundation® (SDOF) Certification Training and\u003c\/li\u003e\n\u003cli\u003eLearning Tree Course 3685, DevOps Foundation® (DOFD) Certification Training\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eProspective attendees can confirm their prerequisite knowledge by taking the pre-course skills assessment (which takes approximately 15 minutes).\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSDOP Certification Exam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFor certification, successfully pass (65%) the 90-minute examination, consisting of forty multiple-choice.\u003c\/li\u003e\n\u003cli\u003eThe certification and exam are governed and maintained by DevOps Institute.\u003c\/li\u003e\n\u003cli\u003eThe exam is conducted online and is open book.\u003c\/li\u003e\n\u003cli\u003eA sample exam is provided to attendees at the end of the class.\u003c\/li\u003e\n\u003cli\u003eA complimentary voucher to take the exam is provided by Learning Tree International.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSecDevOps Practitioner Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Determining Organizational SecDevOps Maturity\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eKnow where you are so you can start from where you are \u003c\/li\u003e\n\u003cli\u003eWhat level are your people, processes, and pipelines \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: Guidance metrics for people and process\u003c\/p\u003e\n\u003cp\u003eHands-On: Executing and debugging the case-study pipeline\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Applying Automation Metrics\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprove feedback to understand what is most important\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eHands-On: Reviewing metrics from the case-study pipeline\u003c\/p\u003e\n\u003cp\u003eCollaboration: What 2nd metrics are missing?\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMetric isolation and accuracy for incremental experimentation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: Third-way considerations\u003c\/p\u003e\n\u003cp\u003eHands-On: Implementing a third-way spike\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Designing, Architecting, and Planning for SecDevOps\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePlanning and architectural structure best practices\u003c\/li\u003e\n\u003cli\u003eWhat does security first actually mean?\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: What architecture do we have\/should we have?\u003c\/p\u003e\n\u003cp\u003eHands-On: Architecture and security improvements to case study pipeline\u003c\/p\u003e\n\u003cp\u003eCollaboration: Observing functional and security outcomes\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Creating Practical SecDevOps Infrastructure\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eLessons from Site Reliability Engineering\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: Aiding resilience for SRE (Site Reliability Engineering)\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamining immutability for deployment\u003c\/li\u003e\n\u003cli\u003eHigh observability strategies for availability and security\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eHands-On: Immutable deployment and high observability\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Other Security Considerations beyond the Pipeline\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBefore and after development (acquisition and disposal)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: Is such-and-such a tool safe?\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Next Steps\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eOngoing best practices and analysis of outcomes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCollaboration: Personal Action Planning\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268B33US \/ 2026-08-10T09:00:00 \/ Herndon, VA","offer_id":47534194491611,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true},{"title":"266D61US \/ 2026-06-29T09:00:00 \/ Online","offer_id":48216572952795,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true},{"title":"26AB77US \/ 2026-10-19T09:00:00 \/ Herndon, VA","offer_id":48216572985563,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true},{"title":"271C23US \/ 2027-01-06T09:00:00 \/ Herndon, VA","offer_id":48216573018331,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true},{"title":"273B76US \/ 2027-03-01T09:00:00 \/ Herndon, VA","offer_id":48309394145499,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true},{"title":"275C17US \/ 2027-05-05T09:00:00 \/ Herndon, VA","offer_id":48741615861979,"sku":"US-3975-IL","price":1365.0,"currency_code":"USD","in_stock":true}]},{"product_id":"csslp®-training-and-certification","title":"CSSLP® Training and Certification","description":"\u003cdiv\u003e\n\u003cp\u003eAttend this official ISC2™ Certified Secure Software Lifecycle Professional \u003cstrong\u003e(CSSLP) training and certification\u003c\/strong\u003e course and get prepared to achieve this premier secure software development certification. This course provides you with in-depth coverage on the skills and concepts in the eight domains of software security. This includes Software Concepts, Requirements, Design, Implementation, Testing, Lifecycle Management, among others.\u003c\/p\u003e\r\n\u003cp\u003eThis course covers secure software development with the Certified Secure Software Lifecycle (CSSLP) and its domains. Topics include identifying security requirements, secure SDLC, manual testing, unit testing, functional testing, acceptance testing, and security testing, code review, and test automation. Students learn about security vulnerabilities, software testing, and source code. The course covers IAST (Interactive Application Security Testing tools, CI\/CD (Continuous Integration\/Continuous Delivery pipeline, and penetration testing to help prepare for the CSSLP exam.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCSSLP® Training and Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CSSLP course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the CSSLP Exam.\u003c\/li\u003e\n\u003cli\u003eIdentify security software requirements.\u003c\/li\u003e\n\u003cli\u003eFollow secure coding practices.\u003c\/li\u003e\n\u003cli\u003eDevelop a security testing strategy and plan.\u003c\/li\u003e\n\u003cli\u003eChoose a secure software methodology.\u003c\/li\u003e\n\u003cli\u003eRelease software securely.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCSSLP Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis CSSLP course is for Software Developers, Engineers, Architects, Penetration Testers, and other IT (Information Technology) professionals who have a minimum of four years' experience in full-time Software Development Lifecycle (SDLC) in one or more of the eight domains covered in the CSSLP exam.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCSSLP Certification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eLearning Tree can provide a voucher that allows you to take the exam at any Pearson VUE Test Center available on request.\u003c\/p\u003e\n\u003cp\u003eRequirements for certification:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eA minimum of four years of cumulative, paid, full-time Software Development Lifecycle (SDLC) professional experience in one or more of the eight domains of the CSSLP Common Body of Knowledge (CBK)\u003c\/li\u003e\n\u003cli\u003ePass CSSLP exam\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAttendees can self-submit our courses for the following \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | (ISC)² Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE credit\u003c\/a\u003e:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGroup A credits for attending any of our cybersecurity courses, and \u003c\/li\u003e\n\u003cli\u003eGroup B General Education credits for any other Learning Tree course they attend.\u003c\/li\u003e\n\u003cli\u003eOr ISC2 members can submit CPE credits directly to the \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE portal\u003c\/a\u003e in the Members section of the \u003ca href=\"https:\/\/www.isc2.org\/Membership\" title=\"Membership | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eISC2 website\u003c\/a\u003e.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eThis is an ISC2 certification prep course. \u003cspan title=\"ISC2® Certification Training Courses | Learning Tree\" rel=\"follow noopener\" target=\"_blank\"\u003eClick here to view more ISC2 certification prep training ›\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCSSLP Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1: Secure Software Concepts\u003c\/h4\u003e\n\u003cp\u003e\u003cspan style=\"font-size: 11.0pt; line-height: 107%; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: 'Times New Roman'; mso-fareast-theme-font: minor-fareast; mso-hansi-theme-font: minor-latin; mso-bidi-font-family: 'Times New Roman'; mso-bidi-theme-font: minor-bidi; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA;\"\u003e1.1 \u003c\/span\u003eCore Concepts\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConfidentiality (e.g., covert, overt, encryption)\u003c\/li\u003e\n\u003cli\u003eIntegrity (e.g., hashing, digital signatures, code signing, reliability, modifications, authenticity)\u003c\/li\u003e\n\u003cli\u003eAvailability (e.g., redundancy, replication, clustering, scalability, resiliency)\u003c\/li\u003e\n\u003cli\u003eAuthentication (e.g., multifactor authentication (MFA), identity \u0026amp; access management (IAM), single sign-on (SSO), federated identity)\u003c\/li\u003e\n\u003cli\u003eAuthorization (e.g., access controls, permissions, entitlements)\u003c\/li\u003e\n\u003cli\u003eAccountability (e.g., auditing, logging)\u003c\/li\u003e\n\u003cli\u003eNonrepudiation (e.g., digital signatures, blockchain)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-size: 11.0pt; line-height: 107%; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: 'Times New Roman'; mso-fareast-theme-font: minor-fareast; mso-hansi-theme-font: minor-latin; mso-bidi-font-family: 'Times New Roman'; mso-bidi-theme-font: minor-bidi; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA;\"\u003e1.2 \u003c\/span\u003eSecurity Design Principles\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLeast privilege (e.g., access control, need-to-know, run-time privileges)\u003c\/li\u003e\n\u003cli\u003eSeparation of Duties (e.g., multi-party control, secret sharing, and split knowledge)\u003c\/li\u003e\n\u003cli\u003eDefense in depth (e.g., layered controls, input validation, security zones)\u003c\/li\u003e\n\u003cli\u003eResiliency (e.g., fail safe, fail secure, no Single Point of Failure (SPOF))\u003c\/li\u003e\n\u003cli\u003eThe economy of mechanism (e.g., Single Sign-On (SSO), password vaults, resource)\u003c\/li\u003e\n\u003cli\u003eComplete mediation (e.g., cookie management, session management, caching of credentials)\u003c\/li\u003e\n\u003cli\u003eOpen design (e.g., Kerckhoffs’s principle)\u003c\/li\u003e\n\u003cli\u003eLeast common mechanism (e.g., compartmentalization\/isolation, safe listing)\u003c\/li\u003e\n\u003cli\u003ePsychological acceptability (e.g., password complexity, screen layouts, Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), biometrics)\u003c\/li\u003e\n\u003cli\u003eComponent reuse (e.g., common controls, libraries)\u003c\/li\u003e\n\u003cli\u003eDiversity of defense (e.g., geographical diversity, technical diversity, distributed systems)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2: Secure Software Requirements\u003c\/h4\u003e\n\u003cp\u003e2.1 Define Software Security Requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFunctional (e.g., business requirements, use cases, stories)\u003c\/li\u003e\n\u003cli\u003eNon-functional (e.g., operational, deployment, systemic qualities)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.2 Identify and Analyze Compliance Requirements\u003c\/p\u003e\n\u003cp\u003e2.3 Identify and Analyze Data Classification Requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFData ownership (e.g., data owner, data custodian)\u003c\/li\u003e\n\u003cli\u003eLabeling (e.g., sensitivity, impact)\u003c\/li\u003e\n\u003cli\u003eTypes of data (e.g., structured, unstructured data)\u003c\/li\u003e\n\u003cli\u003eData life cycle (e.g., generation, retention, disposal)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.4 Identify and Analyze Privacy Requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData anonymization\u003c\/li\u003e\n\u003cli\u003eUser consent\u003c\/li\u003e\n\u003cli\u003eDisposition (e.g., right to be forgotten)\u003c\/li\u003e\n\u003cli\u003eData retention\u003c\/li\u003e\n\u003cli\u003eCross borders (e.g., data residency, jurisdiction, multi-national data processing boundaries)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.5 Develop Misuse and Abuse Cases\u003c\/p\u003e\n\u003cp\u003e2.6 Develop Security Requirement Traceability Matrix (STRM)\u003c\/p\u003e\n\u003cp\u003e2.7 Ensure Security Requirements Flow Down to Suppliers\/Providers\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3: Secure Software Architecture and Design\u003c\/h4\u003e\n\u003cp\u003e3.1 Perform Threat Modeling\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand common threats (e.g., Advance Persistent Threat (APT), insider threat, common malware, third-party\/supplier)\u003c\/li\u003e\n\u003cli\u003eAttack surface evaluation\u003c\/li\u003e\n\u003cli\u003eThreat intelligence (e.g., Identify credible, relevant threats)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.2 Define the Security Architecture\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity control identification and prioritization\u003c\/li\u003e\n\u003cli\u003eDistributed computing (e.g., client-server, peer-to-peer (P2P), message queuing)\u003c\/li\u003e\n\u003cli\u003eService-oriented architecture (SOA) (e.g., Enterprise Service Bus (ESB), web services\u003c\/li\u003e\n\u003cli\u003eRich internet applications (e.g., client-side exploits or threats, remote code execution, constant connectivity)\u003c\/li\u003e\n\u003cli\u003ePervasive\/ubiquitous computing (e.g., Internet of Things (IoT), wireless, location-based, Radio-Frequency Identification (RFID), near field communication, sensor networks)\u003c\/li\u003e\n\u003cli\u003eEmbedded (e.g., secure update, Field-Programmable Gate Array (FPGA) security features, microcontroller security)\u003c\/li\u003e\n\u003cli\u003eCloud architectures (e.g., Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS))\u003c\/li\u003e\n\u003cli\u003eMobile applications (e.g., implicit data collection privacy)\u003c\/li\u003e\n\u003cli\u003eHardware platform concerns (e.g., side-channel mitigation, speculative execution mitigation, embedded Hardware Security Modules (HSM))\u003c\/li\u003e\n\u003cli\u003eCognitive computing (e.g., Machine Learning (ML), Artificial Intelligence (AI))\u003c\/li\u003e\n\u003cli\u003eControl systems (e.g., industrial, medical, facility-related, automotive)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.3 Performing Secure Interface Design\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity management interfaces, Out-of-Band (OOB) management, log interfaces\u003c\/li\u003e\n\u003cli\u003eUpstream\/downstream dependencies (e.g., key and data sharing between apps)\u003c\/li\u003e\n\u003cli\u003eProtocol design choices (e.g., Application Programming Interface (APIs), weaknesses, state, models)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.4 Performing Architectural Risk Assessment\u003c\/p\u003e\n\u003cp\u003e3.5 Model (Non-Functional) Security Properties and Constraints\u003c\/p\u003e\n\u003cp\u003e3.6 Model and Classify Data\u003c\/p\u003e\n\u003cp\u003e3.7 Evaluate and Select Reusable Secure Design\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCredential management (e.g., X.509 and Single Sign-On (SSO))\u003c\/li\u003e\n\u003cli\u003eFlow control (e.g., proxies, firewalls, protocols, queuing)\u003c\/li\u003e\n\u003cli\u003eData loss prevention (DLP)\u003c\/li\u003e\n\u003cli\u003eVirtualization (e.g., software-defined infrastructure, hypervisor, containers)\u003c\/li\u003e\n\u003cli\u003eTrusted computing (e.g., Trusted Platform Module (TPM), Trusted Computing Base (TCB))\u003c\/li\u003e\n\u003cli\u003eDatabase security (e.g., encryption, triggers, views, privilege management)\u003c\/li\u003e\n\u003cli\u003eProgramming language environment (e.g., Common Language Runtime (CLR), Java Virtual Machine (JVM))\u003c\/li\u003e\n\u003cli\u003eOperating System (OS) controls and services\u003c\/li\u003e\n\u003cli\u003eSecure backup and restoration planning\u003c\/li\u003e\n\u003cli\u003eSecure data retention, retrieval, and destruction\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.8 Perform Security Architecture and Design Review\u003c\/p\u003e\n\u003cp\u003e3.9 Define Secure Operational Architecture (e.g., deployment topology, operational interfaces)\u003c\/p\u003e\n\u003cp\u003e3.10 Use Secure Architecture and Design Principles, Patterns, and Tools\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4: Secure Software Implementation\u003c\/h4\u003e\n\u003cp\u003e4.1 Adhere to Relevant Secure Coding Practices (e.g., standards, guidelines, and regulations)\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeclarative versus imperative (programmatic) security\u003c\/li\u003e\n\u003cli\u003eConcurrency (e.g., thread safety, database concurrency controls)\u003c\/li\u003e\n\u003cli\u003eOutput sanitization (e.g., encoding, obfuscation)\u003c\/li\u003e\n\u003cli\u003eError and exception handling\u003c\/li\u003e\n\u003cli\u003eInput validation\u003c\/li\u003e\n\u003cli\u003eSecure logging \u0026amp; auditing\u003c\/li\u003e\n\u003cli\u003eSession management\u003c\/li\u003e\n\u003cli\u003eTrusted\/Untrusted Application Programming Interfaces (APIs) and libraries\u003c\/li\u003e\n\u003cli\u003eType safety\u003c\/li\u003e\n\u003cli\u003eResource management (e.g., compute, storage, network, memory management)\u003c\/li\u003e\n\u003cli\u003eSecure configuration management (e.g., parameter, default options, credentials)\u003c\/li\u003e\n\u003cli\u003eTokenizing\u003c\/li\u003e\n\u003cli\u003eIsolation (e.g., sandboxing, virtualization, containers, Separation Kernel Protection Profiles (SKPP))\u003c\/li\u003e\n\u003cli\u003eCryptography (e.g., payload, field level, transport, storage, agility, encryption, algorithm selection)\u003c\/li\u003e\n\u003cli\u003eAccess control (e.g., trust zones, function permissions, Role Based Access Control (RBAC))\u003c\/li\u003e\n\u003cli\u003eProcessor microarchitecture security extensions (e.g., Software Guard Extensions (SGX), Advanced Micro Devices (AMD) Secure Memory Encryption(SME)\/Secure Encrypted Virtualization(SEV), ARM TrustZone)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.2 Analyze Code for Security Risks\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecure code reuse\u003c\/li\u003e\n\u003cli\u003eVulnerability databases\/lists (e.g., Open Web Application Security Project (OWASP) Top 10, Common Weakness Enumeration (CWE))\u003c\/li\u003e\n\u003cli\u003eStatic Application Security Testing (SAST) (e.g., automated code coverage, linting)\u003c\/li\u003e\n\u003cli\u003eDynamic Application Security Testing (DAST)\u003c\/li\u003e\n\u003cli\u003eManual code review (e.g., individual, peer)\u003c\/li\u003e\n\u003cli\u003eLook for malicious code (e.g., backdoors, logic bombs, high entropy)\u003c\/li\u003e\n\u003cli\u003eInteractive Application Security Testing (IAST)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.3 Implement Security Controls (e.g., watchdogs, File Integrity Monitoring (FIM), anti-malware)\u003c\/p\u003e\n\u003cp\u003e4.4 Address Security Risks (e.g., remediation, mitigation, transfer, accept)\u003c\/p\u003e\n\u003cp\u003e4.5 Securely Reuse Third-Party Code or Libraries (e.g., Software Composition Analysis (SCA))\u003c\/p\u003e\n\u003cp\u003e4.6 Securely Integrate Components\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSystems-of-systems integration (e.g., trust contracts, security testing, and analysis)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.7 Apply Security During the Build Process\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAnti-tampering techniques (e.g., code signing, obfuscation)\u003c\/li\u003e\n\u003cli\u003eCompiler switches\u003c\/li\u003e\n\u003cli\u003eAddress compiler warnings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 5: Secure Software Testing\u003c\/h4\u003e\n\u003cp\u003e5.1 Develop Security Test Cases\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack surface validation\u003c\/li\u003e\n\u003cli\u003ePenetration tests\u003c\/li\u003e\n\u003cli\u003eFuzzing (e.g., generated, mutated)\u003c\/li\u003e\n\u003cli\u003eScanning (e.g., vulnerability, content, privacy)\u003c\/li\u003e\n\u003cli\u003eSimulation (e.g., simulating production environment and production data, synthetic workloads)\u003c\/li\u003e\n\u003cli\u003eFailure (e.g., fault injection, stress testing, break testing)\u003c\/li\u003e\n\u003cli\u003eCryptographic validation (e.g., Pseudo-Random Number Generator (PRNG), entropy)\u003c\/li\u003e\n\u003cli\u003eRegression tests\u003c\/li\u003e\n\u003cli\u003eIntegration tests\u003c\/li\u003e\n\u003cli\u003eContinuous (e.g., synthetic transactions)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.2 Develop Security Testing Strategy and Plan\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFunctional security testing (e.g., logic)\u003c\/li\u003e\n\u003cli\u003eNonfunctional security testing (e.g., reliability, performance, scalability)\u003c\/li\u003e\n\u003cli\u003eTesting techniques (e.g., the white box and the black box)\u003c\/li\u003e\n\u003cli\u003eEnvironment (e.g., interoperability, test harness)\u003c\/li\u003e\n\u003cli\u003eStandards (e.g., International Organization for Standardization (ISO), Open Source Security Testing Methodology Manual (OSSTMM), Software Engineering Institute (SEI))\u003c\/li\u003e\n\u003cli\u003eCrowdsourcing (e.g., bug bounty)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.3 Verify and Validate Documentation (e.g., installation and setup instructions, error messages, user guides, release notes)\u003c\/p\u003e\n\u003cp\u003e5.4 Identify Undocumented Functionality\u003c\/p\u003e\n\u003cp\u003e5.5 Analyze Security Implications of Test Results (e.g., impact on product management, prioritization, break build criteria)\u003c\/p\u003e\n\u003cp\u003e5.6 Classify and Track Security Errors\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBug tracking (e.g., defects, errors, and vulnerabilities)\u003c\/li\u003e\n\u003cli\u003eRisk Scoring (e.g., Common Vulnerability Scoring System (CVSS))\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.7 Secure Test Data\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate test data (e.g., referential integrity, statistical quality, production representative)\u003c\/li\u003e\n\u003cli\u003eReuse of production data (e.g., obfuscation, sanitization, anonymization, tokenization, data aggregation mitigation)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.8 Perform Verification and Validation Testing\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 6: Secure Software Lifecycle Management\u003c\/h4\u003e\n\u003cp\u003e6.1 Secure Configuration and Version Control (e.g., hardware, software, documentation, interfaces, patching)\u003c\/p\u003e\n\u003cp\u003e6.2 Define Strategy and Roadmap\u003c\/p\u003e\n\u003cp\u003e6.3 Manage Security Within a Software Development Methodology\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity in adaptive methodologies (e.g., Agile methodologies)\u003c\/li\u003e\n\u003cli\u003eSecurity in predictive methodologies (e.g., Waterfall)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.4 Identify Security Standards and Frameworks\u003c\/p\u003e\n\u003cp\u003e6.5 Define and Develop Security Documentation\u003c\/p\u003e\n\u003cp\u003e6.6 Develop Security Metrics (e.g., defects per line of code, criticality level, average remediation time, complexity)\u003c\/p\u003e\n\u003cp\u003e6.7 Decommission Software\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnd-of-life policies (e.g., credential removal, configuration removal, license cancellation, archiving)\u003c\/li\u003e\n\u003cli\u003eData disposition (e.g., retention, destruction, dependencies)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.8 Report Security Status (e.g., reports, dashboards, feedback loops)\u003c\/p\u003e\n\u003cp\u003e6.9 Incorporate Integrated Risk Management (IRM)\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRegulations and compliance\u003c\/li\u003e\n\u003cli\u003eLegal (e.g., intellectual property, breach notification)\u003c\/li\u003e\n\u003cli\u003eStandards and guidelines (e.g., International Organization for Standardization (ISO), Payment Card Industry (PCI), National Institute of Standards and Technology (NIST), OWASP, Software Assurance Forum for Excellence in Code (SAFECode), Software Assurance Maturity Model (SAMM), Building Security In Maturity Model (BSIMM))\u003c\/li\u003e\n\u003cli\u003eRisk management (e.g., mitigate, accept, transfer, avoid)\u003c\/li\u003e\n\u003cli\u003eTerminology (e.g., threats, vulnerability, residual risk, controls, probability, impact)\u003c\/li\u003e\n\u003cli\u003eTechnical risk vs. business risk\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.10 Promote Security Culture in Software Development\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity champions\u003c\/li\u003e\n\u003cli\u003eSecurity education and guidance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.11 Implement Continuous Improvement (e.g., retrospective, lessons learned)\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 7: Secure Software Deployment, Operations, Maintenance\u003c\/h4\u003e\n\u003cp\u003e7.1 Perform Operational Risk Analysis\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeployment environment\u003c\/li\u003e\n\u003cli\u003ePersonnel training (e.g., administrators vs. users)\u003c\/li\u003e\n\u003cli\u003eSafety criticality\u003c\/li\u003e\n\u003cli\u003eSystem Integration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.2 Release Software Securely\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecure Continuous Integration and Continuous Delivery (CI\/CD) pipeline\u003c\/li\u003e\n\u003cli\u003eThe secure software toolchain\u003c\/li\u003e\n\u003cli\u003eBuild artifact verification (e.g., code signing, checksums, hashes)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.3 Securely Store and Manage Security Data\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCredentials\u003c\/li\u003e\n\u003cli\u003eSecrets\u003c\/li\u003e\n\u003cli\u003eKeys\/certificates\u003c\/li\u003e\n\u003cli\u003eConfigurations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.4 Ensure Secure Installation\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBootstrapping (e.g., key generation, access, management)\u003c\/li\u003e\n\u003cli\u003eLeast privilege\u003c\/li\u003e\n\u003cli\u003eEnvironment hardening\u003c\/li\u003e\n\u003cli\u003eSecure activation (e.g., credentials, safelisting, device configuration, network configuration, licensing)\u003c\/li\u003e\n\u003cli\u003eSecurity policy implementation\u003c\/li\u003e\n\u003cli\u003eSecrets injection (e.g., certificate, Open Authorization (OAuth) tokens, Secure Shell (SSH) keys)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.5 Perform Post-Deployment Security Testing\u003c\/p\u003e\n\u003cp\u003e7.6 Obtain Security Approval to Operate (e.g., risk acceptance, sign-off at the appropriate level)\u003c\/p\u003e\n\u003cp\u003e7.7 Perform Information Security Continuous Monitoring (ISCM)\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCollect and analyze observable security data (e.g., logs, events, telemetry, and trace data)\u003c\/li\u003e\n\u003cli\u003eThreat intel\u003c\/li\u003e\n\u003cli\u003eIntrusion detection\/response\u003c\/li\u003e\n\u003cli\u003eSecure configuration\u003c\/li\u003e\n\u003cli\u003eRegulation changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.8 Support Incident Response\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRoot cause analysis\u003c\/li\u003e\n\u003cli\u003eIncident triage\u003c\/li\u003e\n\u003cli\u003eForensics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.9 Perform Patch Management (e.g., secure release, testing)\u003c\/p\u003e\n\u003cp\u003e7.10 Perform Vulnerability Management (e.g., scanning, tracking, triaging)\u003c\/p\u003e\n\u003cp\u003e7.11 Runtime Protection (e.g., Runtime Application Self-Protection (RASP), Web Application Firewall (WAF), Address Space Layout Randomization (ASLR))\u003c\/p\u003e\n\u003cp\u003e7.12 Support Continuity of Operations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackup, archiving, retention\u003c\/li\u003e\n\u003cli\u003eDisaster Recovery (DR)\u003c\/li\u003e\n\u003cli\u003eResiliency (e.g., operational redundancy, erasure code, survivability)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.13 Integrate Service Level Objectives (SLO) and Service Level Agreements (SLA) (e.g., maintenance, performance, availability, qualified personnel)\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 8: Secure Software Supply Chain\u003c\/h4\u003e\n\u003cp\u003e8.1 Implement Software Supply Chain Risk Management\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify\u003c\/li\u003e\n\u003cli\u003eAssess\u003c\/li\u003e\n\u003cli\u003eRespond\u003c\/li\u003e\n\u003cli\u003eMonitor\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e8.2 Analyze the Security of Third-Party Software\u003c\/p\u003e\n\u003cp\u003e8.3 Verify Pedigree and Provenance\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecure transfer (e.g., interdiction mitigation)\u003c\/li\u003e\n\u003cli\u003eSystem sharing\/interconnections\u003c\/li\u003e\n\u003cli\u003eCode repository security\u003c\/li\u003e\n\u003cli\u003eBuild environment security\u003c\/li\u003e\n\u003cli\u003eCryptographically hashed, digitally-signed components\u003c\/li\u003e\n\u003cli\u003eRight to audit\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e8.4 Ensure Supplier Security Requirements in the Acquisition Process\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAudit of security policy compliance (e.g., secure software development practices)\u003c\/li\u003e\n\u003cli\u003eVulnerability\/incident notification, response, coordination, and reporting\u003c\/li\u003e\n\u003cli\u003eMaintenance and support structure (e.g., community versus commercial, licensing)\u003c\/li\u003e\n\u003cli\u003eSecurity track record\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e8.5 Support contractual requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntellectual Property (IP) ownership, code escrow, liability, and warranty\u003c\/li\u003e\n\u003cli\u003eEnd-User License Agreement (EULA)\u003c\/li\u003e\n\u003cli\u003eService Level Agreements (SLA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268B14US \/ 2026-08-10T09:00:00 \/ Herndon, VA","offer_id":47534218772699,"sku":"US-2059-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"26AB97US \/ 2026-10-26T09:00:00 \/ Herndon, VA","offer_id":48216585404635,"sku":"US-2059-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"274B57US \/ 2027-04-26T09:00:00 \/ Herndon, VA","offer_id":48669323985115,"sku":"US-2059-IL","price":3436.0,"currency_code":"USD","in_stock":true}]},{"product_id":"certnexus-certified-cyber-secure-coder-training","title":"CertNexus Certified Cyber Secure Coder Training","description":"\u003cdiv\u003e\n\u003cp\u003eThe stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle.\u003c\/p\u003e\r\n\u003cp\u003eThis authorized Cyber Secure Coder course from CertNexus presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertNexus Certified Cyber Secure Coder Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the need for security in your software projects.\u003c\/li\u003e\n\u003cli\u003eEliminate vulnerabilities within software.\u003c\/li\u003e\n\u003cli\u003eUse a Security by Design approach to design a secure architecture for your software.\u003c\/li\u003e\n\u003cli\u003eImplement common protections to protect users and data.\u003c\/li\u003e\n\u003cli\u003eApply various testing methods to find and correct security defects in your software.\u003c\/li\u003e\n\u003cli\u003eMaintain deployed software to ensure ongoing security.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRecommended Experience\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis course presents secure programming concepts that apply to many different types of software development projects. Although this course uses Python®, HTML, and JavaScript® to demonstrate various programming concepts, you do not need to have experience in these languages to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eExam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThe CertNexus CSC-210 exam is 80 questions in length, 120 minutes long, and is multiple choice\/multiple responses. Exam Passing Score is 60%.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCertified Cyber Secure Coder Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1: Identifying the Need for Security in Your Software Projects\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Identify Security Requirements and Expectations\u003c\/li\u003e\n\u003cli\u003eTopic B: Identify Factors That Undermine Software Security\u003c\/li\u003e\n\u003cli\u003eTopic C: Find Vulnerabilities in Your Software\u003c\/li\u003e\n\u003cli\u003eTopic D: Gather Intelligence on Vulnerabilities and Exploits\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2: Handling Vulnerabilities\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Handle Vulnerabilities Due to Software Defects and Misconfiguration\u003c\/li\u003e\n\u003cli\u003eTopic B: Handle Vulnerabilities Due to Human Factors\u003c\/li\u003e\n\u003cli\u003eTopic C: Handle Vulnerabilities Due to Process Shortcomings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3: Designing for Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Apply General Principles for Secure Design\u003c\/li\u003e\n\u003cli\u003eTopic B: Design Software to Counter Specific Threats\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4: Developing Secure Code\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Follow Best Practices for Secure Coding\u003c\/li\u003e\n\u003cli\u003eTopic B: Prevent Platform Vulnerabilities\u003c\/li\u003e\n\u003cli\u003eTopic C: Prevent Privacy Vulnerabilities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5: Implementing Common Protections\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Limit Access Using Login and User Roles\u003c\/li\u003e\n\u003cli\u003eTopic B: Protect Data in Transit and At Rest\u003c\/li\u003e\n\u003cli\u003eTopic C: Implement Error Handling and Logging\u003c\/li\u003e\n\u003cli\u003eTopic D: Protect Sensitive Data and Functions\u003c\/li\u003e\n\u003cli\u003eTopic E: Protect Database Access\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6: Testing Software Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Perform Security Testing\u003c\/li\u003e\n\u003cli\u003eTopic B: Analyze Code to Find Security Problems\u003c\/li\u003e\n\u003cli\u003eTopic C: Use Automated Testing Tools to Find Security Problems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7: Maintaining Security in Deployed Software\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Monitor and Log Applications to Support Security\u003c\/li\u003e\n\u003cli\u003eTopic B: Maintain Security After Deployment\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268B18US \/ 2026-08-12T09:00:00 \/ Herndon, VA","offer_id":47534194295003,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"267D52US \/ 2026-07-08T09:00:00 \/ New York","offer_id":48216575213787,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"269A84CN \/ 2026-09-09T09:00:00 \/ Ottawa","offer_id":48216575246555,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"26AC16US \/ 2026-10-07T09:00:00 \/ Herndon, VA","offer_id":48216575279323,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"26BC75US \/ 2026-11-04T09:00:00 \/ Austin","offer_id":48216575312091,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"26BC76US \/ 2026-11-23T09:00:00 \/ New York","offer_id":48216575344859,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"271A37CN \/ 2027-01-20T09:00:00 \/ Ottawa","offer_id":48216575377627,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"272B81US \/ 2027-02-24T09:00:00 \/ Herndon, VA","offer_id":48294634324187,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"273C04US \/ 2027-03-31T09:00:00 \/ Austin","offer_id":48525736018139,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"274C14US \/ 2027-04-21T09:00:00 \/ New York","offer_id":48619722244315,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true},{"title":"269D44US \/ 2026-09-23T09:00:00 \/ Online","offer_id":48837149622491,"sku":"US-2071-IL","price":1470.0,"currency_code":"USD","in_stock":true}]},{"product_id":"securing-web-applications-services-and-servers-training","title":"Securing Web Applications, Services, and Servers Training","description":"\u003cdiv\u003e\n\u003cp\u003eThis Full Stack Cybersecurity Training for Web Apps and Services course provides in-depth, hands-on experience securing Web-based applications and their servers. You will gain in-depth experience securing web services and learn how to integrate robust security measures into the web application development process by adopting proven architectures and best practices.\u003c\/p\u003e\r\n\u003cp\u003eThis web service security course includes the OWASP top 10 most critical web application security risks and how to remediate them.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eSecuring Web Applications, Services, and Servers Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this training, you will learn about the following:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement and test secure web applications in your organization\u003c\/li\u003e\n\u003cli\u003eIdentify, diagnose, and remediate the OWASP top ten web application security risks\u003c\/li\u003e\n\u003cli\u003eConfigure a web server to encrypt web traffic with HTTPS\u003c\/li\u003e\n\u003cli\u003eProtect Ajax-powered applications and prevent JSON data theft\u003c\/li\u003e\n\u003cli\u003eSecure XML web services with WS-Security\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eBasic knowledge of Web application operation and Web server administration is assumed. For example, you should understand Web browser\/server operation, session management and basic HTML. In addition, experience with server-side Web application development and security knowledge is helpful.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSecuring Web Applications, Services and Servers Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Setting the Stage\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDefining threats to your web assets\u003c\/li\u003e\n\u003cli\u003eSurveying the legal landscape and privacy issues\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Establishing Security Fundamentals\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eModeling web security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAchieving Confidentiality, Integrity and Availability (CIA)\u003c\/li\u003e\n\u003cli\u003ePerforming authentication and authorization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEncrypting and hashing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguishing public– and private–key cryptography\u003c\/li\u003e\n\u003cli\u003eVerifying message integrity\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Augmenting Web Server Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eConfiguring security for HTTP services\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManaging software updates\u003c\/li\u003e\n\u003cli\u003eRestricting HTTP methods\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecuring communication with SSL\/TLS\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eObtaining and installing server certificates\u003c\/li\u003e\n\u003cli\u003eEnabling HTTPS on the web server\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDetecting unauthorized modification of content\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConfiguring permissions correctly\u003c\/li\u003e\n\u003cli\u003eScanning for file–system changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Implementing Web Application Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eEmploying OWASP resources\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Open Web Application Security Project (OWASP) top ten\u003c\/li\u003e\n\u003cli\u003eRemediating identified vulnerabilities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecuring database and application interaction\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUncovering and preventing SQL injection\u003c\/li\u003e\n\u003cli\u003eDefending against an insecure direct object reference\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eManaging session authentication\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProtecting against session ID hijacking\u003c\/li\u003e\n\u003cli\u003eBlocking cross-site request forgery\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eControlling information leakage\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDisplaying sanitized error messages to the user\u003c\/li\u003e\n\u003cli\u003eHandling requests and page faults\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePerforming input validation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablishing trust boundaries\u003c\/li\u003e\n\u003cli\u003eRemoving the threat of Cross-Site Scripting (XSS)\u003c\/li\u003e\n\u003cli\u003eExposing the dangers of client-side validation\u003c\/li\u003e\n\u003cli\u003eImplementing robust server-side input validation with regular expressions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Enhancing Ajax Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eAjax features\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying core Ajax components\u003c\/li\u003e\n\u003cli\u003eExchanging information asynchronously\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAssessing risks and evaluating threats\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManaging unpredictable interactions\u003c\/li\u003e\n\u003cli\u003eExposing Ajax vulnerabilities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Securing XML Web Services\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDiagnosing XML vulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying nonterminated tags and field overflows\u003c\/li\u003e\n\u003cli\u003eUncovering web service weaknesses\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eProtecting the SOAP message exchange\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidating input with an XML schema\u003c\/li\u003e\n\u003cli\u003eEncrypting exchanges with HTTPS\u003c\/li\u003e\n\u003cli\u003eImplementing WS–Security with a framework\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Scanning Applications for Weaknesses\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eOperating and configuring scanners\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMatching patterns to identify faults\u003c\/li\u003e\n\u003cli\u003e\"Fuzzing\" to discover new or unknown vulnerabilities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDetecting application flaws\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScanning applications remotely\u003c\/li\u003e\n\u003cli\u003eFinding vulnerabilities in web applications with OWASP and third-party penetration testing tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 8: Best Practices for Web Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eAdopting standards\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReducing risk by implementing proven architectures\u003c\/li\u003e\n\u003cli\u003eHandling personal and financial data\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eManaging network security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eModeling threats to reduce risk\u003c\/li\u003e\n\u003cli\u003eIntegrating applications with your network architecture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266B52US \/ 2026-06-23T09:00:00 \/ Online","offer_id":47534199079131,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"268B64US \/ 2026-08-25T09:00:00 \/ Herndon, VA","offer_id":47534199111899,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"267A84CN \/ 2026-07-14T09:00:00 \/ Ottawa","offer_id":48216564367579,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26AA21CN \/ 2026-10-13T09:00:00 \/ Ottawa","offer_id":48216564400347,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BB15US \/ 2026-11-03T09:00:00 \/ Herndon, VA","offer_id":48216564433115,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271A40CN \/ 2027-01-05T09:00:00 \/ Ottawa","offer_id":48216564531419,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"272A83US \/ 2027-02-02T09:00:00 \/ Herndon, VA","offer_id":48216564564187,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"274A34CN \/ 2027-04-06T09:00:00 \/ Ottawa","offer_id":48567539859675,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275B10US \/ 2027-05-04T09:00:00 \/ Herndon, VA","offer_id":48738854863067,"sku":"US-940-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ec-council-certified-application-security-engineer-case-net","title":"EC-Council Certified Application Security Engineer (CASE) .NET","description":"\u003cdiv\u003e\n\u003cp\u003eThis 3-Day EC-Council Certified Application Security Engineer (CASE) .NET course is designed to be a hands-on, comprehensive application security training course that will help software professionals create secure applications. This CASE training course will train software developers on the critical security skills and knowledge required throughout a typical software development life cycle (SDLC). The course focuses on the importance of implementing secure methodologies and practices required in today’s insecure operating environment.\u003c\/p\u003e\r\n\u003cp\u003ePlus, this course will prepare you for the EC-Council CASE .NET exam and help you achieve Certified Application Security Engineer - .NET certification. Included in your course tuition is an EC-Council exam voucher that enables you to take the exam remotely.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eEC-Council Certified Application Security Engineer (CASE) .NET Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, your will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand application security, threats, and attacks\u003c\/li\u003e\n\u003cli\u003eGather secure requirements\u003c\/li\u003e\n\u003cli\u003eValidate input using secure coding practices\u003c\/li\u003e\n\u003cli\u003eImplement code practices for secure session management\u003c\/li\u003e\n\u003cli\u003eTest static and dynamic application security\u003c\/li\u003e\n\u003cli\u003eDesign and architect secure applications\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis course presents secure programming concepts that apply to many different types of software development projects. Although this course focuses on .NET, you don’t need to have experience in this language to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eExam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e50 Multiple Choice questions\u003c\/li\u003e\n\u003cli\u003ePassing Score 70%\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eEC-Council CASE .NET Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eOutline\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstanding Application Security, Threats, and Attacks\u003c\/li\u003e\n\u003cli\u003eSecurity Requirements Gathering\u003c\/li\u003e\n\u003cli\u003eSecure Application Design and Architecture\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practices for Input Validation\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practices for Authentication and Authorization\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practices for Cryptography\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practices for Session Management\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practices for Error Handling\u003c\/li\u003e\n\u003cli\u003eStatic and Dynamic Application Security Testing (SAST \u0026amp; DAST)\u003c\/li\u003e\n\u003cli\u003eSecure Deployment and Maintenance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A66US \/ 2026-08-05T09:00:00 \/ Austin","offer_id":47534181220571,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"269A68US \/ 2026-09-23T09:00:00 \/ Austin","offer_id":47621797314779,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26BC00US \/ 2026-11-23T09:00:00 \/ Austin","offer_id":48216568856795,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"271B95US \/ 2027-01-27T09:00:00 \/ Austin","offer_id":48216568889563,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"273B54US \/ 2027-03-31T09:00:00 \/ Austin","offer_id":48525736411355,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"276B67US \/ 2027-06-02T09:00:00 \/ Austin","offer_id":48825878806747,"sku":"US-2028-IL","price":1800.0,"currency_code":"USD","in_stock":true}]},{"product_id":"security-engineering-on-aws","title":"Security Engineering on AWS","description":"\u003cdiv\u003e\u003cp\u003eThis course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eSecurity Engineering on AWS Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cp\u003eAssimilate and leverage the AWS shared security responsibility model\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003evArchitect and build AWS application infrastructures that are protected against the most common security threats\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eProtect data at rest and in transit with encryption\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eApply security checks and analyses in an automated and reproducible manner\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eConfigure authentication for resources and applications in the AWS Cloud\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eGain insight into events by capturing, monitoring, processing, and analyzing logs\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eIdentify and mitigate incoming threats against applications and data\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003ePerform security assessments to ensure that common vulnerabilities are patched and security best practices are applied\u003c\/p\u003e\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSecurity Engineering on AWS Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eImportant Security Operations on AWS Course Information\u003c\/h4\u003e\n\u003cul class=\"accordion\"\u003e\n\u003cli\u003e\n\u003ch3\u003eRequirements\u003c\/h3\u003e\n\u003cdiv\u003e\n\u003cp\u003eWe recommend that attendees of this course have the following prerequisites:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAWS Cloud Practitioner Essentials\u003c\/li\u003e\n\u003cli\u003eAWS Security Fundamentals\u003c\/li\u003e\n\u003cli\u003eArchitecting on AWS\u003c\/li\u003e\n\u003cli\u003eWorking knowledge of IT security practices and infrastructure concepts\u003c\/li\u003e\n\u003cli\u003eFamiliarity with cloud computing concepts\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003ch3\u003eWho Should Attend This Course\u003c\/h3\u003e\n\u003cdiv\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity engineers\u003c\/li\u003e\n\u003cli\u003eSecurity architects\u003c\/li\u003e\n\u003cli\u003eSecurity operations\u003c\/li\u003e\n\u003cli\u003eInformation security\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eSecurity Operations on AWS Course Outline\u003c\/h4\u003e\n\u003cul class=\"accordion\"\u003e\n\u003cli\u003e\n\u003ch3\u003eDay 1\u003c\/h3\u003e\n\u003cdiv\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying Entry Points on AWS\u003c\/li\u003e\n\u003cli\u003eSecurity Considerations: Web Application Environments\u003c\/li\u003e\n\u003cli\u003eApplication Securityv\u003c\/li\u003e\n\u003cli\u003eSecuring Networking Communications – Part 1\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDay 2\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Security\u003c\/li\u003e\n\u003cli\u003eSecurity Considerations: Hybrid Environments\u003c\/li\u003e\n\u003cli\u003eMonitoring and Collecting Logs on AWS\u003c\/li\u003e\n\u003cli\u003eProcessing Logs on AWS\u003c\/li\u003e\n\u003cli\u003eSecuring Networking Communications – Part 2\u003c\/li\u003e\n\u003cli\u003eOut-Of-Region Protection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003ch3\u003eDay 3\u003c\/h3\u003e\n\u003cdiv\u003e\n\u003cul\u003e\n\u003cli\u003eAccount Management on AWS\u003c\/li\u003e\n\u003cli\u003eSecurity Considerations: Serverless Environments\u003c\/li\u003e\n\u003cli\u003eSecrets Management on AWS\u003c\/li\u003e\n\u003cli\u003eAutomating Security on AWS\u003c\/li\u003e\n\u003cli\u003eThreat Detection and Sensitive Data Monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"269A41US \/ 2026-09-23T09:00:00 \/ Herndon, VA","offer_id":47621794726107,"sku":"US-1233-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA46US \/ 2026-12-16T09:00:00 \/ Herndon, VA","offer_id":48216580620507,"sku":"US-1233-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"273A46US \/ 2027-03-23T09:00:00 \/ Herndon, VA","offer_id":48500534182107,"sku":"US-1233-IL","price":2228.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ec-council-certified-application-security-engineer-case-java","title":"EC-Council Certified Application Security Engineer (CASE) Java","description":"\u003cdiv\u003e\n\u003cp\u003eThis 3-Day EC-Council Certified Application Security Engineer (CASE) Java course is designed to be a hands-on, comprehensive application security training course that will help software professionals create secure applications. This CASE training course will train software developers on the critical security skills and knowledge required throughout a typical software development life cycle (SDLC). The course focuses on implementing secure methodologies and practices required in today’s insecure operating environment.\u003c\/p\u003e\r\n\u003cp\u003eThis course will also prep you for the EC-Council CASE Java exam and help you achieve Certified Application Security Engineer—Java certification.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eEC-Council Certified Application Security Engineer (CASE) Java Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand application security, threats and attacks\u003c\/li\u003e\n\u003cli\u003eGather secure requirements\u003c\/li\u003e\n\u003cli\u003eValidate input using secure coding practises\u003c\/li\u003e\n\u003cli\u003eCode practises for secure session management\u003c\/li\u003e\n\u003cli\u003eTest static and dynamic application security\u003c\/li\u003e\n\u003cli\u003eDesign and architect secure applications\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis course presents secure programming concepts that apply to many different types of software development projects. Although this course focuses on Java, you don’t need to have experience in this language to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003eCertification Information\u003c\/p\u003e\n\u003cp\u003eIncluded in your course tuition fee is an EC-Council exam voucher that enables you to take the exam remotely.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eEC-Council CASE Java Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eOutline\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstanding Application Security, Threats, and Attacks\u003c\/li\u003e\n\u003cli\u003eSecurity Requirements Gathering\u003c\/li\u003e\n\u003cli\u003eSecure Application Design and Architecture\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practises for Input Validation\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practises for Authentication and Authorisation\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practises for Cryptography\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practises for Session Management\u003c\/li\u003e\n\u003cli\u003eSecure Coding Practises for Error Handling\u003c\/li\u003e\n\u003cli\u003eStatic and Dynamic Application Security Testing (SAST \u0026amp; DAST)\u003c\/li\u003e\n\u003cli\u003eSecure Deployment and Maintenance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A87US \/ 2026-07-22T09:00:00 \/ Austin","offer_id":47534208418011,"sku":"US-2027-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26AB52US \/ 2026-10-14T09:00:00 \/ Austin","offer_id":48216584257755,"sku":"US-2027-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"271B94US \/ 2027-01-20T09:00:00 \/ Austin","offer_id":48216584290523,"sku":"US-2027-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"274B52US \/ 2027-04-21T09:00:00 \/ Austin","offer_id":48619711889627,"sku":"US-2027-IL","price":1800.0,"currency_code":"USD","in_stock":true}]},{"product_id":"github-advanced-security-gh-500t00","title":"GitHub Advanced Security (GH-500)","description":"\u003cdiv\u003e\u003cp\u003eGitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilize GHAS to maximize security impact and understand GHAS and its role in the security ecosystem.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eGitHub Advanced Security (GH-500) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cb\u003eMaster developer-first security workflows\u003c\/b\u003e\u003cbr\u003eSecurely integrate scans and checks early—before code merges.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eGain visibility across your organization\u003c\/b\u003e\u003cbr\u003eUse GHAS dashboards to monitor security posture and manage vulnerabilities.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eProtect your code and supply chain\u003c\/b\u003e\u003cbr\u003eDiscover and remediate secrets, code flaws, and risky dependencies proactively.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eScale security with automation\u003c\/b\u003e\u003cbr\u003eEnforce policies and track trends effortlessly across teams and repos.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003ePrepare for GitHub Advanced Security certification\u003c\/b\u003e\u003cbr\u003eBuild the knowledge needed to validate your expertise with GHAS.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eFamiliarity with GitHub and basic software development workflows.\u003c\/p\u003e\n\u003cp\u003eParticipants should have experience with:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNavigating GitHub repositories and organizations\u003c\/li\u003e\n\u003cli\u003eWorking with pull requests, branches, and code reviews\u003c\/li\u003e\n\u003cli\u003eBasic understanding of DevOps or CI\/CD practices\u003c\/li\u003e\n\u003cli\u003e(Optional but helpful) Exposure to security principles like static analysis, secret management, or dependency scanning\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eExam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis course prepares attendees for the \u003ca href=\"https:\/\/learn.microsoft.com\/en-us\/credentials\/certifications\/github-advanced-security\/?practice-assessment-type=certification\"\u003eGitHub Advanced Security \u003c\/a\u003ecertification.\u003c\/li\u003e\n\u003cli\u003eHighlight your code security knowledge with the GitHub Advanced Security certification. Validate your expertise in vulnerability identification, workflow security, and robust security implementation—elevating software integrity standards. Once achieved, the certification will be valid for two years.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eGitHub Advanced Security Workshop Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eOverview \u0026amp; Fundamentals\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLearn GHAS’s role in securing code, supply chain, and secrets during development.\u003c\/li\u003e\n\u003cli\u003eUnderstand cross-organizational visibility and curated security intelligence.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eCore Security Features\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eStatic Application Security Testing (SAST)\u003c\/li\u003e\n\u003cli\u003eSecret scanning and management\u003c\/li\u003e\n\u003cli\u003eDependency review and supply chain insights\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eIntegrating GHAS into Development Workflows\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEnable GHAS in repositories and organizations\u003c\/li\u003e\n\u003cli\u003eConfigure security policies and automated scans\u003c\/li\u003e\n\u003cli\u003eReview and triage GHAS findings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eManaging GHAS at Scale\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAssign roles, permissions, and licensing\u003c\/li\u003e\n\u003cli\u003eUse reporting dashboards to monitor vulnerabilities and trends\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eBest Practices \u0026amp; Governance\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIncorporate security into CI\/CD pipelines\u003c\/li\u003e\n\u003cli\u003eEnforce security policies via code owners and branch protection\u003c\/li\u003e\n\u003cli\u003eAlign with DevSecOps and compliance frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Microsoft","offers":[{"title":"267B91US \/ 2026-07-23T09:00:00 \/ Online","offer_id":47534215430363,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"269B15US \/ 2026-09-03T09:00:00 \/ Online","offer_id":47534215463131,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"26AA77US \/ 2026-10-14T09:00:00 \/ Online","offer_id":48216580423899,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"26CA55US \/ 2026-12-03T09:00:00 \/ Online","offer_id":48216580456667,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"271A73US \/ 2027-01-20T09:00:00 \/ Online","offer_id":48216580489435,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"273A58US \/ 2027-03-04T09:00:00 \/ Online","offer_id":48316156805339,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"274A48US \/ 2027-04-15T09:00:00 \/ Online","offer_id":48594310430939,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"276A61US \/ 2027-06-04T09:00:00 \/ Online","offer_id":48837149360347,"sku":"US-8764-IL","price":716.0,"currency_code":"USD","in_stock":true}]},{"product_id":"fundamentals-of-secure-software-development-training","title":"Fundamentals of Secure Software Development Training","description":"\u003cdiv\u003e\n\u003cp\u003eFrom proactive requirements to coding and testing, this secure software development training course covers the best practices any software developer needs to avoid opening up their users, customers and organization to attack at the application layer. We teach only constantly updated best practices, and our experts answer your questions live in class.\u003c\/p\u003e\n\u003cp\u003eEven with good information security policy and staff, the reality is that software developers are often underserved when it comes to security strategy. If their applications get built without attention to good software security practices, risk gets passed downstream and by the time an incident occurs it’s too late to be proactive. To mitigate these risks, attend this secure programming training course and return to work ready to build higher quality, more robustly protected applications.\u003c\/p\u003e\n\u003cp\u003e\u003c\/p\u003e\n\u003cp\u003eThere are no formal prerequisites for this course.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eFundamentals of Secure Software Development Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003eBest practices any software developer needs to avoid opening up their users, customers and organization to attack at the application layer.\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSecure Software Development Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eSecure Software Development\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAssets, Threats \u0026amp; Vulnerabilities\u003c\/li\u003e\n\u003cli\u003eSecurity Risk Analysis (Bus \u0026amp; Tech)\u003c\/li\u003e\n\u003cli\u003eSecure Dev Processes (MS, BSI…)\u003c\/li\u003e\n\u003cli\u003eDefense in Depth\u003c\/li\u003e\n\u003cli\u003eApproach for this course\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eThe Context for Secure Development\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAssets to be protected\u003c\/li\u003e\n\u003cli\u003eThreats Expected\u003c\/li\u003e\n\u003cli\u003eSecurity Imperatives (int\u0026amp;external)\u003c\/li\u003e\n\u003cli\u003eOrganization's Risk Appetite\u003c\/li\u003e\n\u003cli\u003eSecurity Terminology\u003c\/li\u003e\n\u003cli\u003eOrganizational Security Policy\u003c\/li\u003e\n\u003cli\u003eSecurity Roles and Responsibilities\u003c\/li\u003e\n\u003cli\u003eSecurity Training for Roles\u003c\/li\u003e\n\u003cli\u003eGeneric Security Goals \u0026amp; Requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise: \u003c\/strong\u003e Our Own Security Context\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eSecurity Requirements\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eProject-Specific Security Terms\u003c\/li\u003e\n\u003cli\u003eProject-Related Assets \u0026amp; Security Goals\u003c\/li\u003e\n\u003cli\u003eProduct Architecture Analysis\u003c\/li\u003e\n\u003cli\u003eUse Cases \u0026amp; MisUse\/Abuse Cases\u003c\/li\u003e\n\u003cli\u003eDataflows with Trust Boundaries\u003c\/li\u003e\n\u003cli\u003eProduct Security Risk Analysis\u003c\/li\u003e\n\u003cli\u003eElicit, Categorize, Prioritize SecRqts\u003c\/li\u003e\n\u003cli\u003eValidate Security Requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise: \u003c\/strong\u003eManaging Security Requirements\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDesigning Secure Software\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHigh-Level Design\u003cul\u003e\n\u003cli\u003eArchitectural Risk Analysis\u003c\/li\u003e\n\u003cli\u003eDesign Requirements\u003c\/li\u003e\n\u003cli\u003eAnalyze Attack Surface\u003c\/li\u003e\n\u003cli\u003eThreat Modeling\u003c\/li\u003e\n\u003cli\u003eTrust Boundaries\u003c\/li\u003e\n\u003cli\u003eEliminate Race Objects\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eDetail-Level Design\u003cul\u003e\n\u003cli\u003eSecure Design Principles\u003c\/li\u003e\n\u003cli\u003eUse of Security Wrappers\u003c\/li\u003e\n\u003cli\u003eInput Validation\u003c\/li\u003e\n\u003cli\u003eDesign Pitfalls\u003c\/li\u003e\n\u003cli\u003eValidating Design Security\u003c\/li\u003e\n\u003cli\u003ePairing Mem Mgmt Functinos\u003c\/li\u003e\n\u003cli\u003eExclude User Input from format strings\u003c\/li\u003e\n\u003cli\u003eCanonicalization\u003c\/li\u003e\n\u003cli\u003eTOCTOU\u003c\/li\u003e\n\u003cli\u003eClose Race Windows\u003c\/li\u003e\n\u003cli\u003eTaint Analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise:\u003c\/strong\u003e A Secure Software Design, Instructor Q \u0026amp; A\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eWriting Secure Code\u003c\/h4\u003e\n\u003cul\u003e\u003cli\u003eCoding\u003cul\u003e\n\u003cli\u003eDeveloper guidelines \u0026amp; checklists\u003c\/li\u003e\n\u003cli\u003eCompiler Security Settings (per)\u003c\/li\u003e\n\u003cli\u003eTools to use\u003c\/li\u003e\n\u003cli\u003eCoding Standards (per language)\u003c\/li\u003e\n\u003cli\u003eCommon pitfalls (per language)\u003c\/li\u003e\n\u003cli\u003eSecure\/Safe functions\/methods\u003cul\u003e\n\u003cli\u003eStack Canaries\u003c\/li\u003e\n\u003cli\u003eEncrypted Pointers\u003c\/li\u003e\n\u003cli\u003eMemory Initialization\u003c\/li\u003e\n\u003cli\u003eFunction Retrun Checking (e.e. malloc)\u003c\/li\u003e\n\u003cli\u003eDereferencing Pointers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eInteger type selection\u003cul\u003e\n\u003cli\u003eRange Checking\u003c\/li\u003e\n\u003cli\u003ePre\/post checking\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eSynchronization Primatives\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eEarly Verification\u003c\/li\u003e\n\u003cli\u003eStatic Analysis (Code Review w\/tools)\u003c\/li\u003e\n\u003cli\u003eUnit \u0026amp; Dev Team Testing\u003c\/li\u003e\n\u003cli\u003eRisk-Based Security Testing\u003c\/li\u003e\n\u003cli\u003eTaint Analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise:\u003c\/strong\u003e Securing Coding Q \u0026amp; A\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eTesting for Software Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAssets to be protected\u003c\/li\u003e\n\u003cli\u003eThreats Expected\u003c\/li\u003e\n\u003cli\u003eSecurity Imperatives (int\u0026amp;external)\u003c\/li\u003e\n\u003cli\u003eOrganization's Risk Appetite\u003c\/li\u003e\n\u003cli\u003eStatic Analysis\u003c\/li\u003e\n\u003cli\u003eDynamic Analysis\u003c\/li\u003e\n\u003cli\u003eRisk-Based Security testing\u003c\/li\u003e\n\u003cli\u003eFuzz Testing (Whitebox vs Blackbox)\u003c\/li\u003e\n\u003cli\u003ePenetration Testing (Whitebox vs Blackbox)\u003c\/li\u003e\n\u003cli\u003eAttack Surface Review\u003c\/li\u003e\n\u003cli\u003eCode audits\u003c\/li\u003e\n\u003cli\u003eIndependent Security Review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise: \u003c\/strong\u003eTesting Software for Security\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eReleasing \u0026amp; Operating Secure Software\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eExercise: \u003c\/strong\u003eA Secure Software Release\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eMaking Software Development More Secure\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eIncident Response Planning\u003c\/li\u003e\n\u003cli\u003eFinal Security Review\u003c\/li\u003e\n\u003cli\u003eRelease Archive\u003c\/li\u003e\n\u003cli\u003eOS Protections:\u003cul\u003e\n\u003cli\u003eAddress Space Layout Randomization\u003c\/li\u003e\n\u003cli\u003eNon-Executable Stacks\u003c\/li\u003e\n\u003cli\u003eW^X\u003c\/li\u003e\n\u003cli\u003eData Execution Prevention\u003c\/li\u003e\n\u003cli\u003e\/ul\u0026gt;\u003c\/li\u003e\n\u003cli\u003eMonitoring\u003c\/li\u003e\n\u003cli\u003eIncident Response\u003c\/li\u003e\n\u003cli\u003ePenetration Testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eProcess Review\u003c\/li\u003e\n\u003cli\u003eGetting Started\u003c\/li\u003e\n\u003cli\u003ePriorities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExercise: \u003c\/strong\u003eYour Secure Software Plan\u003c\/p\u003e\n\u003c\/div\u003e","brand":"ASPE","offers":[{"title":"268C56US \/ 2026-08-06T09:00:00 \/ Online","offer_id":47989466955995,"sku":"US-1825-IL","price":1036.0,"currency_code":"USD","in_stock":true},{"title":"26AA21US \/ 2026-10-01T09:00:00 \/ Online","offer_id":47989466988763,"sku":"US-1825-IL","price":1036.0,"currency_code":"USD","in_stock":true}]}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/collections\/ap6Y5TVPQvmta0bH5KqT_878fe8e5-7cc8-4a07-b077-080030db27da.webp?v=1780655663","url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/collections\/software-application-security.oembed","provider":"Learning Tree International","version":"1.0","type":"link"}