Course curriculum

    1. Welcome to Semgrep Academy!

    2. Course Introduction

    3. Course Prerequisites

    4. History Lesson

    5. Industry Definitions

    1. Goals vs Activities

    2. Goal: Inventory

    3. Goal: Finding Vulnerabilities

    4. Goal: The Knowledge to Fix What You Have Found

    5. Goal: Effective Tooling

    6. Goal: Education and Reference Materials

    7. Goal: Giving Developers Security Tools

    8. Goal: Security Activities during the SDLC

    9. Goal: Incident Response

    10. Goal: Continuous Improvement

    11. Example: Program Goals 1

    12. Example 2: Program Goals

    13. Example 3: Program Goals

    14. Assignment Instructions: Setting Your Goals

    15. Assignment #1: Setting Goals for your AppSec Program

    16. Quiz: Application Security Goals

    1. What are the different AppSec activities?

    2. VA Scans and Security Assessments

    3. Threat Modelling

    4. Secure Code Review and Static Analysis

    5. Software Composition Analysis (SCA) and Supply Chain Security

    6. Penetration Testing (PenTesting)

    7. Quiz: AppSec Activities - The Basics

    1. Developer Education and Advocacy Programs

    2. Responsible Disclosure and Bug Bounty

    3. Helpful Policies, Guidelines and Standards

    4. Giving Developers Security Tools

    5. Secure Coding Library and Templates

    6. Security Reference Materials

    7. The Partnership Model

    8. Metrics and Measurement

    9. Security Regression Testing with unit tests

    10. Capture The Flag and Other Forms of Gamification

    11. Reviewing New Tech

    12. Adding Security-Related IDE Plugins

    13. Adding a shield in front of your app (WAF/RASP/CDN)

    14. Quiz: AppSec Activities - Intermediate

    1. Adding Security Tooling to a Pipeline

    2. Asynchronous Pipeline

    3. Chaos Engineering and Red Teaming

    4. Security Sprints

    5. Asking directly for feedback from Dev & Ops

    6. Quiz: AppSec Activities - DevOps Flavoured

    1. Team-Specific, Customized Security Training

    2. Creating Custom Tools

    3. Targeting an Entire Bug Class

    4. Table Top Exercises

    5. Interactive Assignment - AppSec Activities

    6. Assignment 2: AppSec Activities

    7. Quiz: Advanced AppSec Activities

About this course

  • Free
  • 95 lessons
  • 5 hours of video content

Build your AppSec program, starting today

Course Reviews

Check out what other students have to say!

5 star rating

Content Clarity

Priscilla Azilafu

The course topic on what AppSec is was really explained and now I know that DevSecOps is weaving security into Dev and Ops. DevSecOps engineers don't do DevOps work but work with the DevOps team to ensure security in their usual processes. This is phenomenal. Thanks for the clarity.

5 star rating

Great Course !

Surendra Pal

Recommended for someone who wants to learn Application Security.

5 star rating

course review

Kyle Bearden

Very practical and helpful for real-world activities. Good ideas.

5 star rating

AppSec Foundations Level 1 training

Lewis M.K.

Very informative and rich with info. that's recommended for everyone, especially CISOs, Security Teams, and anyone wanting to get into Cyber Security.
