Understand how security integrates into the development process of an application, and learn how to mitigate common vulnerabilities in web applications.

This module will introduce you to the software development lifecycle and the core security controls that can be integrated into it to prevent vulnerabilities in the final product. You’ll learn about the most common vulnerabilities in web applications and APIs, and how to integrate DAST and SAST tools into early development phases to detect and mitigate them proactively.

OWASP API Security Top 10 - 1

Learn the basic concepts for secure API development (Part 1).

OWASP API Security Top 10 - 2

Learn the basic concepts for secure API development (Part 2).

SSDLC

This room focuses on the Secure Software Development Lifecycle (S-SDLC), its processes, and methodologies.

SAST

Learn about Static Application Security Testing.

DAST

Learn about Dynamic Application Security Testing.

Weaponizing Vulnerabilities

Learn how a vulnerability evolves and methods to weaponize multiple vulnerabilities leading to RCE.

Introduction to DevSecOps

Learn about the story of DevSecOps, Software Development Models & Shifting Left.

Mother's Secret

Exploit flaws found in Mother's code to reveal its secrets.

Traverse

Challenge your secure coding skills to restore a compromised website.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.

Software Security