Intermediate Secure Software Development II
Intermediate Secure Software Development II builds on secure coding skills by exploring advanced web vulnerabilities and how to prevent them. Learners study cross-origin attacks, SQL injection, server-side request forgery, credential attacks, and more, giving developers the tools to create safer, stronger web applications.
- 12 modules
- 101 hours of content
- 12 real-world skills
Learning Objectives
- Deeply understand cross-origin vulnerabilities and secure configurations
- Proactively address template and SQL injection tactics
- Implement proactive hardening against credential-based attacks
- Develop a tactical grasp of insecure deserialization risks and prevention
Who is it for?
- Developers seeking to specialize in application security
- Security teams aiming to address nuanced software weaknesses
- Ambitious learners ready to expand their skillset beyond foundational practices
Showcase your skills with an OffSec Learning Badge
- Proficiency: Proven knowledge of core secure coding concepts and vulnerability assessment
- Industry recognition: A valuable OffSec credential demonstrating your commitment to cybersecurity
- Hands-on skill: Demonstrated ability to create web applications that are secure and resilient
Intermediate Secure Software Development II FAQ
Are there any prerequisites for Intermediate Secure Software Development II?
There are no formal prerequisites, but a solid grasp of secure coding fundamentals and web development concepts is highly recommended. Completion of the following learning paths is also recommended:
Is Intermediate Secure Software Development II good for beginners?
No, learners should have a complete understanding of basic secure software development concepts and skills prior to starting this learning path.
Intermediate Secure Software Development II: NIST Work Roles
- Secure Software Development
- Secure Systems Development
- Software Security Assessment
Intermediate Secure Software Development II: NIST TKSs
- Knowledge of computer networking protocols
- Knowledge of risk management processes
- Knowledge of cybersecurity laws and regulations
- Knowledge of cybersecurity policies and procedures
- Knowledge of privacy principles and practices
- Knowledge of enterprise cybersecurity architecture principles and practices
- Determine hardware configuration
- Knowledge of complex data structure capabilities and applications
- Skill in creating mathematical models
- Skill in creating statistical models
Skills learned in Intermediate Secure Software Development II
- Authentication bypass
- Password cracking (e.g., Hashcat, John the Ripper)
- Web app penetration testing
- Web security testing (OWASP Top 10)
- Secure coding
- Source code review
- Input validation testing
- Session management testing
- Secure development (SSDLC, DevSecOps)
- Threat modeling
- Configuration hardening
- Misconfiguration identification (cloud, network, web)