Uncertain Times — Infosec's here to help. Learn about remote testing and other COVID-19 resources.

Learn Secure Coding Fundamentals

This path describes common development mistakes, how they can be exploited and possible mitigations.

14 courses  //   93 videos  //   11 hours of training

Free training week — 600+ on-demand courses and hands-on labs

Secure Coding Fundamentals training

Most software vulnerabilities are caused by the same few development mistakes. This path describes these vulnerabilities and how to recognize them in code, demonstrates how they are exploited by attackers (including real-world case studies of vulnerable applications in production), and describes ways by which the vulnerabilities can be mitigated.

Learning path components

Secure Coding Fundamentals Project
Practice Exam
Secure Coding Fundamentals Project

Secure Coding Fundamentals Project

Apply the hacker mindset to application security by solving the multiple challenges included in this project. You’ll need to identify vulnerabilities in the provided applications and code samples and discover how those vulnerabilities could be exploited by an attacker. See for yourself how security errors in code can lead to compromised credentials, SQL injections, and buffer overflow and Cross-Site Scripting (XSS) attacks.

Number of questions: 5

Secure Coding Fundamentals Skill Assessment
Assessment
Secure Coding Fundamentals Skill Assessment

Secure Coding Fundamentals Skill Assessment

See how your Secure Coding Fundamentals skills stack up against other professionals in your field.

Number of questions: 20

Python Code Security Cyber Range
Cyber Range
Python Code Security Cyber Range

Python Code Security Cyber Range

Gain practical experience and develop your secure Python coding skills through 10 hands-on labs in the Python Code Security Cyber Range.

10 labs
2 hours of training

Introduction to Secure Coding Fundamentals
Course
Introduction to Secure Coding Fundamentals

Introduction to Secure Coding Fundamentals

This course introduces the need for secure coding and the tools used in this learning path.

2 videos
7 minutes of training

Buffer Overflows
Course
Buffer Overflows

Buffer Overflows

This course introduces the buffer overflow vulnerability, its exploitation and possible mitigations.

7 videos
51 minutes of training

Integer Overflows and Underflows
Course
Integer Overflows and Underflows

Integer Overflows and Underflows

This course introduces integer overflow and underflow vulnerabilities, their exploitation and possible mitigations.

7 videos
53 minutes of training

Race Conditions
Course
Race Conditions

Race Conditions

This course introduces race conditions, their exploitation and possible mitigations.

7 videos
50 minutes of training

Format String Vulnerabilities
Course
Format String Vulnerabilities

Format String Vulnerabilities

This course introduces format string vulnerabilities, their exploitation and possible mitigations.

7 videos
34 minutes of training

Command Injection
Course
Command Injection

Command Injection

This course introduces command injection vulnerabilities, their exploitation and possible mitigations.

7 videos
40 minutes of training

Least Privilege
Course
Least Privilege

Least Privilege

This course introduces the principle of least privilege and its importance in secure coding.

7 videos
33 minutes of training

Credential Management
Course
Credential Management

Credential Management

This course describes how poor credential management can make an application vulnerable to attack, how it can be exploited and how to manage credentials properly.

7 videos
61 minutes of training

Cryptography
Course
Cryptography

Cryptography

This course discusses how the poor use of cryptography can leave an application vulnerable to attack and how it can be exploited, as well as potential mitigations.

7 videos
40 minutes of training

SQL Injection
Course
SQL Injection

SQL Injection

This course introduces SQL injection vulnerabilities, their exploitation and possible mitigations.

7 videos
44 minutes of training

Cross-Site Scripting
Course
Cross-Site Scripting

Cross-Site Scripting

This course introduces cross-site scripting vulnerabilities, their exploitation and possible mitigations.

7 videos
31 minutes of training

Cross-Site Request Forgery
Course
Cross-Site Request Forgery

Cross-Site Request Forgery

This course introduces cross-site request forgery vulnerabilities, their exploitation and possible mitigations.

7 videos
23 minutes of training

Poor HTTP Usage
Course
Poor HTTP Usage

Poor HTTP Usage

This course describes how poor use of HTTP and HTML can be exploited, as well as possible mitigations.

7 videos
43 minutes of training

Error Handling
Course
Error Handling

Error Handling

This course describes how poor error handling can be exploited and possible mitigations for this problem.

7 videos
27 minutes of training

 

What you’ll learn.

  • Common vulnerabilities, such as buffer overflows and SQL injections
  • How poor credential management, crytpography use and HTTP use are exploited
  • Mitigating those vulnerabilities through secure code

Who is this for?

This skill path is designed for:

  • Software engineers
  • Application and web developers
  • Project managers
  • Anyone interested in learning about secure coding

Python Code Security Cyber Range

This cyber range helps you develop your knowledge in finding and remediating vulnerabilities in Python code. You’ll build and reinforce your skills as you progress through labs covering a wide range of Python code security topics, including using Bandit, PyT and other tools to find common security issues in Python code, perform taint and control flow analysis, and recognize vulnerabilities that can lead to common application attacks, such as cross-site scripting or XPath injection. You will also practice identifying supply chain vulnerabilities, unsafe deserialization and other risks.

 

Train on your schedule

Personal

Infosec Skills

  • 600+ courses
  • 100s of hands-on labs and projects
  • 70+ role-based learning paths
  • Skill assessments
  • Custom learning paths
  • Custom certification practice exams
  • Cloud-hosted cyber ranges
  • Infosec peer community support

Infosec Skills boot camp

  • Live, instructor-led training
  • Available in-person or live online
  • All Infosec Skills content from the minute you enroll to 90 days following your boot camp
  • Certification exam voucher
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee

Team

Infosec Skills Teams

$599 per learner / year

  • All Infosec Skills content for the year
  • Team boot camp discounts — online or onsite (not included with subscription)
  • Team administration and reporting
  • Custom team learning paths
  • Transferable licenses
  • Dedicated client success manager

Award-winning training that you can trust

Best Software - Highest Satisfaction

Infosec Skills

Best IT Security-related Training Program

Infosec Skills

Best Cybersecurity Education Provider & Best Security Education Platform

Infosec Skills

Most Innovative Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Global Excellence - Cyber Security Education & Training

Infosec Skills

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Skills courses and labs are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet all Infosec Skills training resources to guarantee they meet certification and compliance requirements and align with recognized guidelines like the NICE Cybersecurity Workforce Framework.

LX Labs

Infosec Named a Leader in Security Awareness & Training

Read the Forrester Wave to learn what sets Infosec apart and the latest training program trends.