Veracode eLearning contains over 50 hours of secure training content in a web-based training module format. Our eLearning program is designed specifically for developers and security personnel to meet formal training and competency testing requirements. Veracode eLearning also contains a comprehensive knowledgebase on secure software development. Acting as an encyclopedia of security information, the knowledgebase provides searchable content and specific guidance for development or security teams. Access to the modules can be purchased independently or as part of any Veracode subscription.

Courses can be taken at the user’s own pace and the platform provides usage metrics, such as courses completed. Students are eligible for CPE credits, one hour course work equates to one hour CPE credit. Upon completion of a module a PDF user transcript receipt can be given to the CPE authority as proof. This type of eLearning training program can help organizations comply with ISO regulations and new industry standards such as the SANS Application Security Procurement Contract Language, which is being used by the State of New York and DTCC as a pre-requisite for providing them with custom software.

Click here to download the entire eLearning curriculum as a PDF.

Veracode eLearning Course Bundles

Fundamentals Introductory Track

• 100 Level
  • Fundamentals of Application Security
  • Fundamentals of Secure Development
• 200 Level
  • Web Vulnerabilities – Threats & Mitigations
  • OWASP Top Ten – Threats and Mitigations
  • Intro. To Cross-Site Scripting – With JSP
  • Intro. To Cross-Site Scripting – With ASP.NET

Awareness and Management Track

• 100 Level
  • Fundamentals of Application Security
  • Software Security Awareness
  • Six Fundamentals of Information Security
  • Microsoft SDL for Managers
  • Introduction to the Microsoft SDL
  • How to Define Software Security Requirements and Design
  • Fundamentals of Security Awareness – Mobile & Social Media
• 200 Level
  • SDLC Gap Analysis & Remediation Techniques
• 300 Level
  • Introduction to Threat Modeling
  • Attack Surface Analysis & Reduction

Design & Development Track

• 100 Level
  • Fundamentals of Secure Architecture
• 200 Level
  • PCI Best Practices for Developers
  • OWASP Top Ten – Threats & Mitigations
  • Architecture Risk Analysis and Remediation
  • Intro. to Security Tools & Technologies
• 300 Level
  • Introduction to Cryptography

• 100 Level
  • Fundamentals of Secure Development
  • Fundamentals of Secure Mobile Development
  • Fundamentals of Web 2.0 Security
  • Fundamentals of Secure Database Development
• 200 Level
  • Understanding Secure Code – JRE
  • Understanding Secure Code – C/C++
  • Understanding Secure code - .NET
  • Understanding Secure Code – Windows Vista
  • Understanding Secure Code – Windows 7
  • Creating Secure Code – iPhone Foundations
  • Creating Secure Code – Android Foundations
  • Creating Secure Code – SQL Server Foundations
  • Creating Secure Code – Oracle Foundations
  • Web Vulnerabilities – Threats and Mitigations
  • Intro. to Cross-Site Scripting – with JSP Examples
  • Intro. to Cross-Site Scripting – with ASP.NET Examples
• 300 Level
  • Creating Secure Code – J2EE
  • Creating Secure Code – C/C++
  • Creating Secure Code - ASP.NET
  • Creating Secure Code – C#
  • Creating Secure Code - PHP
• 400 Level
  • Integer Overflows – Attacks and Countermeasures
  • Buffer Overflows – Attacks and Countermeasures

Testing & Validation Track

• 100 Level
  • Fundamentals of Security Testing
• 200 Level
  • Classes of Security Defects
• 300 Level
  • Software Security Testing – Tools & Techniques
• 400 Level
  • Advanced Software Security Testing
  • Exploiting Buffer Overflows
  • How to Perform a Security Code Review