Develop yourself from Programmer to Secure Agile Programmer (incl. guidance)

• Perform Programmer tasks such as applying pattern based design and applying good coding practices. Then, test your skills by answering assessment questions after applying unit testing, integration testing, regression testing and user acceptance testing.
• This lab provides access to tools typically used by Programmers, including:
• �Windows 10
• �Microsoft Office 2016
• �Java 8
• �Eclipse
• �JMeter
• �Git and Git Extensions(GUI) + Port opened for Gish
• �GitHub Desktop
• This lab is part of the Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer journey.

Final Exam: Programmer will test your knowledge and application of the topics presented throughout the Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.

• Discover the basics of secure programming, including common

• security concepts like the CIA triangle, least privileges, and
• separation of duties. Explore authentication and authorization,
• including popular models like DAC, MAC, RBAC, and ABAC. Examine how
• to avoid common programming errors that can undermine security, as
• well as how to incorporate validation and verification into your
• programming.

• Explore various software vulnerability topics in this 19-video,

• which opens with a look at specific security vulnerabilities and
• how to program counter techniques. Then learners receive three
• tutorials on the OWASP (Open Web Application Security Project) Top
• 10 vulnerabilities: SQL injection, broken authentication, and
• cross-site scripting; broken access control, security
• misconfiguration, sensitive data exposure, and insufficient attack
• protection; and cross-site request forgery, using components with
• known vulnerabilities, and under protected application programming
• interfaces (APIs). Examine use of threat models including STRIDE
• (Spoofing, Tampering, Repudiation, Information Disclosure, Denial
• of Service, and Elevation), PASTA (the Process for Attack
• Simulation and Threat Analysis), DREAD (Damage, Reproductibility,
• Exploitability, Affected Users, Discoverability), and SQUARE
• (Security Quality Requirements Engineering). Use CVE (common
• vulnerabilities and exposures) vulnerability scoring, and examine
• Java, Python, C#, and Javascript SQL secure coding examples.
• Implement Python secure coding to combat SQL vulnerability; C# to
• combat common code vulnerabilities, and Javascript to combat Cross
• Site Scripting attacks. Use Common Vulnerability Scoring System
• (CVSS), and finally, use OWASP Zap and Vega vulnerability scanners
• to test websites for common vulnerabilities.

• In this 5-video course, learners discover the basics of

• cryptographic algorithms. You will receive a general overview of
• symmetric algorithms such as AES, Blowfish, and Serpent. You will
• also examine asymmetric algorithms such as RSA (Rivest, Sharmir,
• and Adelman), Diffie-Hellman, and elliptic-curve cryptography
• (ECC). More importantly, you will learn when to use which algorithm
• and what algorithms are better for specific purposes. You will then
• move on to integrity algorithms, including hashes like SHA (Secure
• Hash Algorithm 1), MD5 (Message Digest 5), and 6, RIPEMD (Ripe
• Message Digest), and HAVAL, as well as message authentication codes
• (MACs) and HMACs (keyed-hash message authentication codes). You
• will also examine the strengths and weaknesses of these different
• approaches. The goal is whether one can make intelligent choices
• about which algorithms to implement for which purpose; whether
• one's concerns are about confidentiality; if one needs to do key
• exchange; is message integrity an issue; are you storing passwords?
• These will each require different algorithms.

Explore common software attacks and the coding mistakes that make software vulnerable to them. Discover how to code against format string, SQL injection, buffer overflow, cross-site scripting, and password cracking attacks in Java, C#, JavaScript, and Python.

Explore resiliency concepts such as stability, recovery, and defensive coding. Discover how to write resilient code in Java, Python, C#, and JavaScript.

• Perform Secure Programmer tasks such as minimizing SQL injection vulnerability, using OWASP Zap application to test an insecure web application, using Python to encrypt a data set and explore vulnerable code that can cause an overrun of buffer's boundary in Java, Python, C# and Javascript. Then, test your skills by answering assessment questions after preventing cross site scripting vulnerability, using Python to brute force a simple password, and creating resilient code in Python and C#.
• This lab provides access to tools typically used by Secure Programmers, including:
• �Microsoft Office 2016
• �Java 8
• �Eclipse
• �JMeter
• �Git and Git Extensions(GUI) + Port opened for Gish
• �GitHub Desktop
• This lab is part of the Secure Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer journey.

Final Exam: Secure Programmer will test your knowledge and application of the topics presented throughout the Secure Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.

Discover the importance of exception handling, validation, and parameter checking in programming. Explore how to handle exceptions and apply validation in Java, Python, C#, and JavaScript, as well as how to configure component trust and reuse code.

Explore the basics of secure testing methodologies such as unit, regression, and integration testing. Discover how to work with security metrics and track security bugs.

• Perform Defensive Programmer tasks such as implementing Java exception handling and JavaScript validiation, and using Python to implement asymetric encryption. Then, test your skills by answering assessment questions after filtering data with Python, performing parameter checking with C#, developing recoverable code in Java and implementing secure testing.
• This lab provides access to tools typically used by Defensive Programmers, including:
• �Microsoft Office 2016
• �Java 8
• �Eclipse
• �JMeter
• �Git and Git Extensions(GUI) + Port opened for Gish
• �GitHub Desktop
• This lab is part of the Defensive Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer journey.

Final Exam: Defensive Programmer will test your knowledge and application of the topics presented throughout the Defensive Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.

• Explore Agile programming concepts such as iterative software

• approaches, differences between Agile and Waterfall, and creating a
• secure Agile culture. Examine Scrum, Lean software, extreme
• programming, and rapid application development. In addition, best
• practices for secure Agile development, facilitating a secure
• organizational culture, and secure methods for Scrum are also
• covered.

Discover how to gather Agile requirements, implement Agile processes, create a secure Agile software development lifecycle, implement Disciplined Agile Delivery, and apply best practices for secure software development.

Discover how to model software in an Agile environment, including how to apply story-driven modeling. Explore how to use and build secure user stories and examine the Specification by Example methodology.

Explore Agile software testing techniques, including Continual Security Testing, testing standards, and verification and validation. Discover how to integrate metrics into Agile programming, configure bug tracking, conduct static code analysis, and implement continuous integration techniques.

• Perform Secure Agile Programmer tasks such as performing manual and tool-based agile testing, implementing continual security testing and performing manual static code analysis. Then, test your skills by answering assessment questions after performing tool-based static code analysis, implementing bug tracking in Bugzilla and JIRA, and implementing continuous integration techniques.
• This lab provides access to tools typically used by Secure Agile Programmers, including:
• �Microsoft Office 2016
• �Java 8
• �Eclipse
• �JMeter
• �Git and Git Extensions(GUI) + Port opened for Gish
• �GitHub Desktop
• This lab is part of the Secure Agile Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer journey.

Final Exam: Secure Agile Programmer will test your knowledge and application of the topics presented throughout the Secure Agile Programmer track of the Skillsoft Aspire Programmer to Secure Agile Programmer Journey.