Uncertain Times — Infosec's here to help. Learn about remote testing and other COVID-19 resources.

Learn Secure Coding Fundamentals

This path describes common development mistakes, how they can be exploited and possible mitigations.

Get started

14 courses  //   93 videos  //   11 hours of training

Free training week — 600+ on-demand courses and hands-on labs

Start Learning

Secure Coding Fundamentals training

Most software vulnerabilities are caused by the same few development mistakes. This path describes these vulnerabilities and how to recognize them in code, demonstrates how they are exploited by attackers (including real-world case studies of vulnerable applications in production), and describes ways by which the vulnerabilities can be mitigated.

Learning path components

Secure Coding Fundamentals Project
Practice Exam
Secure Coding Fundamentals Project

Secure Coding Fundamentals Project

Apply the hacker mindset to application security by solving the multiple challenges included in this project. You’ll need to identify vulnerabilities in the provided applications and code samples and discover how those vulnerabilities could be exploited by an attacker. See for yourself how security errors in code can lead to compromised credentials, SQL injections, and buffer overflow and Cross-Site Scripting (XSS) attacks.

Number of questions: 5
Secure Coding Fundamentals Skill Assessment
Assessment
Secure Coding Fundamentals Skill Assessment

Secure Coding Fundamentals Skill Assessment

See how your Secure Coding Fundamentals skills stack up against other professionals in your field.

Number of questions: 20
Python Code Security Cyber Range
Cyber Range
Python Code Security Cyber Range

Python Code Security Cyber Range

Gain practical experience and develop your secure Python coding skills through 10 hands-on labs in the Python Code Security Cyber Range.

10 labs
2 hours of training
Introduction to Secure Coding Fundamentals
Course
Introduction to Secure Coding Fundamentals

Introduction to Secure Coding Fundamentals

This course introduces the need for secure coding and the tools used in this learning path.

2 videos
7 minutes of training
Buffer Overflows
Course
Buffer Overflows

Buffer Overflows

This course introduces the buffer overflow vulnerability, its exploitation and possible mitigations.

7 videos
51 minutes of training
Integer Overflows and Underflows
Course
Integer Overflows and Underflows

Integer Overflows and Underflows

This course introduces integer overflow and underflow vulnerabilities, their exploitation and possible mitigations.

7 videos
53 minutes of training
Race Conditions
Course
Race Conditions

Race Conditions

This course introduces race conditions, their exploitation and possible mitigations.

7 videos
50 minutes of training
Format String Vulnerabilities
Course
Format String Vulnerabilities

Format String Vulnerabilities

This course introduces format string vulnerabilities, their exploitation and possible mitigations.

7 videos
34 minutes of training
Command Injection
Course
Command Injection

Command Injection

This course introduces command injection vulnerabilities, their exploitation and possible mitigations.

7 videos
40 minutes of training
Least Privilege
Course
Least Privilege

Least Privilege

This course introduces the principle of least privilege and its importance in secure coding.

7 videos
33 minutes of training
Credential Management
Course
Credential Management

Credential Management

This course describes how poor credential management can make an application vulnerable to attack, how it can be exploited and how to manage credentials properly.

7 videos
61 minutes of training
Cryptography
Course
Cryptography

Cryptography

This course discusses how the poor use of cryptography can leave an application vulnerable to attack and how it can be exploited, as well as potential mitigations.

7 videos
40 minutes of training
SQL Injection
Course
SQL Injection

SQL Injection

This course introduces SQL injection vulnerabilities, their exploitation and possible mitigations.

7 videos
44 minutes of training
Cross-Site Scripting
Course
Cross-Site Scripting

Cross-Site Scripting

This course introduces cross-site scripting vulnerabilities, their exploitation and possible mitigations.

7 videos
31 minutes of training
Cross-Site Request Forgery
Course
Cross-Site Request Forgery

Cross-Site Request Forgery

This course introduces cross-site request forgery vulnerabilities, their exploitation and possible mitigations.

7 videos
23 minutes of training
Poor HTTP Usage
Course
Poor HTTP Usage

Poor HTTP Usage

This course describes how poor use of HTTP and HTML can be exploited, as well as possible mitigations.

7 videos
43 minutes of training
Error Handling
Course
Error Handling

Error Handling

This course describes how poor error handling can be exploited and possible mitigations for this problem.

7 videos
27 minutes of training
 

What you’ll learn.

  • Common vulnerabilities, such as buffer overflows and SQL injections
  • How poor credential management, crytpography use and HTTP use are exploited
  • Mitigating those vulnerabilities through secure code

Who is this for?

This skill path is designed for:

  • Software engineers
  • Application and web developers
  • Project managers
  • Anyone interested in learning about secure coding

Python Code Security Cyber Range

This cyber range helps you develop your knowledge in finding and remediating vulnerabilities in Python code. You’ll build and reinforce your skills as you progress through labs covering a wide range of Python code security topics, including using Bandit, PyT and other tools to find common security issues in Python code, perform taint and control flow analysis, and recognize vulnerabilities that can lead to common application attacks, such as cross-site scripting or XPath injection. You will also practice identifying supply chain vulnerabilities, unsafe deserialization and other risks.

Explore Cyber Range
 

You're in good company

Infosec Skills is a very good place for building technical acumen and engineering development knowledge. It enables us to provide training to the entire team on relevant topics.

Comcast Business

Romy Ricafort, West Division Senior Director of Sales Engineering

Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I've had.

FireEye, Inc.

James Coyle , Senior U.S. Public Sector Channel Sales Engineer

I knew Infosec could tell me what to expect on the exam and what topics to focus on most.

Tennenbaum Capital Partners

Julian Tang, Chief Information Officer
See more case studies

Plans and pricing

Personal

$34

Monthly

Get Started
Start Free Trial

Personal

$299

Annually

Get Started
Start Free Trial

Teams

$599 / license

Annually. Includes all content plus team admin and reporting.

Request Quote
Learn More

Award-winning training that you can trust

Infosec Skills

Best IT Security-related Training Program

Infosec and Infosec Skills

Best Cybersecurity Education Provider and Best Security Education Platform

Infosec Skills

Most Innovative Product

Infosec Skills

Cyber Security Education and Training

Infosec Skills

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Skills courses and labs are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet all Infosec Skills training resources to guarantee they meet certification and compliance requirements and align with recognized guidelines like the NICE Cybersecurity Workforce Framework.

Meet LX Labs
LX Labs

Infosec Named a Leader in Security Awareness & Training

Read the Forrester Wave to learn what sets Infosec apart and the latest training program trends.

Get the report