Security is not just the responsibility of software developers

Operating software solutions securely requires more than software developers who understand cyber security. Other individuals who make security-relevant decisions also contribute to security. This includes everyone involved in the development, operation, or use of the respective solution, such as Product Owners, Project Managers, Scrum Masters, and DevOps Engineers.

A comprehensive security training program, not just e-learnings

The goal of the Redguard learning paths is to provide all individuals involved in development and operations with role-specific security knowledge. All topics have learning units at three progressive levels: "Novice," "Explorer," and "Master." Employees with different responsibilities can focus on the content they need to optimally contribute to overall security in their specific role:

  • Novice: Learning the basics of secure software development and becoming familiar with general security topics. This level does not differentiate between different areas (Application Security and Operations Security).
  • Explorer: Deepening the knowledge from the basic level, learning about additional security risks and vulnerabilities, and exploring initial specialized topics in Application Security and Operations Security.
  • Master: Developing and expanding specialized knowledge in various areas of information security, with specific topics in Application Security and Operations Security, as well as overarching information security subjects.

Your benefits at a glance:

  • Role-specific knowledge transfer for all participants to optimally enhance security.
  • Coherent learning paths with consistently structured training units.
  • Better user acceptance through availability in multiple languages (DE/EN/FR).

Our Trainings

Basic Security

Introduction to the basics of security:

  • Secure Development Lifecycle
  • HTTP Transport Security
  • CSRF and Clickjacking
  • Cryptography Basics
  • Brute Force Attacks
  • Denial of Service Attacks

Container Security

Learn how to secure container environments:

  • Container Security Module 1 - Introduction
  • Container Security Module 2 - Building secure Container Images
  • Container Security Module 3 - Developing Containers securely

Advanced Security 1

In-depth insights into advanced security concepts:

  • File Inclusion Vulnerabilities
  • XSS Advanced
  • SQL Injection
  • REST API Security

Cloud Security

Security strategies for cloud environments:

  • Cloud Security Introduction
  • Cloud Security Network Security
  • Cloud Security Secrets Management

Framework Security

Security aspects when using frameworks:

  • Security with Angular
  • Docker/Container Security
  • Security with React

Advanced Web Application Security

In-depth understanding of web application security:

  • Padding Oracle Attacks
  • Race Conditions
  • JSON Injection
  • Content Security Policy (CSP) Header
  • CORS
  • HTTP Parameter Pollution

Security Operations

Operational security processes and practices:

  • Monitoring: SIEM
  • Incident Response
  • Threat Modeling
  • Security Management

Privacy and Anonymity

Protecting privacy and anonymity in the digital age:

  • Data Protection: Data Anonymization
  • TLS Hardening
  • Zero-Trust

OWASP Top 10

Explore the most common security risks in web applications according to the latest OWASP Top 10 version:

  • Broken Access Control
  • Cryptography Failures
  • Injection
  • Insecure Design
  • Security Misconfiguration
  • Vulnerable and Outdated Components
  • Identification and Authentication Failures
  • Software and Data Integrity Failures
  • Security Logging and Monitoring Failures
  • Server Side Request Forgery

System Security

Basic security practices for operating systems:

  • Database Security
  • System Security Linux
  • System Security Windows

Advanced Security 2

Advanced security topics, part 2:

  • AuthZ (Authorization)
  • Cryptography
  • Security Automation (CI Pipeline)
  • OAuth, OpenID, JWT

Network Security

Securing networks and communication:

  • Network Security ARP Spoofing
  • Network Security Segmentation
  • Network Security Logging and Monitoring

Application Security Architecture

Development of a secure application architecture:

  • Web Application Firewall
  • Application Security Architecture
  • OWASP Application Security Verification Standard

Authentication and Secrets Management

Authentication and management of secrets:

  • OAuth
  • SAML
  • Mobile App Security

Vulnerability Management

Effective management of vulnerabilities:

  • Vulnerability Scanning CI/CD
  • Malware Basics
  • Third Party Libraries
  • Vulnerability Scanning Nessus

Advanced System Security

Advanced protection of systems:

  • System Security Architecture
  • System Security Architecture WAF

Prerequisites

The training is suitable for all individuals involved in the development and maintenance of web applications. This includes, for example:

  • Developers
  • Software Architects
  • Product Owners
  • Project Managers
  • Scrum Masters
  • DevOps Engineers
  • Administrators

Languages

The modules are available in German, English, and French. The languages can be freely chosen. All modules in a given language are provided as a complete package.

Delivery Method

The content is delivered in a way that allows easy integration into your own e-learning platform.

Pricing Model

Provision is based on a licensing model. The price is calculated based on the number of desired languages and the number of employees to be trained.

We look forward to your inquiry and will be happy to provide you with a suitable offer.