John's Security: AppSec Certificates

  1. Strategy
    1. Security Framework: NIST CSF from Pluralsight by Mike Woolard
  2. CSSLP
    1. Secure Software Concepts for CSSLP® from Pluralsight by Kevin Henry
    2. Secure Software Implementation for CSSLP® from Pluralsight by Kevin Henry
    3. Secure Software Testing for CSSLP® from Pluralsight by Kevin Henry
    4. Secure Software Supply Chain for CSSLP® from Pluralsight by Kevin Henry
  3. Developer Security Champion
    1. Introduction to Security Champion for Developers from Pluralsight by Kat DeLorean Seymour
    2. Developer Security Champion: OWASP Top 10 from Pluralsight by Kat DeLorean Seymour
    3. Developer Security Champion: API Security from Pluralsight by Gavin Johnson-Lynn
    4. Developer Security Champion: Data Protection Standards from Pluralsight by Kevin James
    5. Developer Security Champion: Encrypted Communications from Pluralsight by Henry Been
    6. Developer Security Champion: Secure Authentication Implementation from Pluralsight by Gavin Johnson-Lynn
    7. Developer Security Champion: Vulnerability Testing from Pluralsight by Christian Wenz
  4. Programming
    1. OWASP Top 10: Broken Access Control from Codecademy
    2. OWASP Top 10: Identification and Authentication Failures from Codecademy
    3. Learn about CSRF Attacks from Codecademy
    4. OWASP Top 10 from Snyk
    5. Snyk Top 10 from Snyk
    6. Security for Developers from Snyk
  5. Access
    1. Introduction to OAuth 2.0 and OpenID Connect from Pragmatic Web Security by Dr. Philippe De Ryck
    2. OAuth2 and OpenID Connect: Easy Now from Pluralsight by Roland Guijt
  6. API
    1. API Security Architect from API Academy
  7. Software Supply Chain Security (SSCS)
    1. Secure Coding: Using Components with Known Vulnerabilities from Pluralsight by Peter Mosmans
    2. Security Hot Takes: SBOMs from Pluralsight by Aaron Rosenmund, Brandon DeVault
    3. Saviynt Supply Chain Risk Management Training from KnowBe4
  8. Container Security
    1. Painless Vulnerability Management from Chainguard
    2. NeuVector Basics from Rancher Academy
    3. Container Infrastructure Analysis with Trivy from Pluralsight by Zach Roof
  9. Kubernetes
    1. Kubernetes Security: Cluster Setup from Pluralsight by Antonio Jesús Piedra
    2. Kubernetes Security: Cluster Hardening from Pluralsight by Erik Whitaker
    3. Kubernetes Security: Minimizing Microservice Vulnerabilities from Pluralsight by Justin Boyer
    4. Kubernetes Security: Implementing Supply Chain Security from Pluralsight by Antonio Jesús Piedra
  10. DevOps
    1. Certified DevOps Information Security Engineer (DevOps-SEC) from DevOps Academy
  11. SecOps
    1. Detect, Prioritize, and Remediate Cloud Security Risks with Datadog CSM from Datadog
    2. Getting Started with APM Metrics & Traces from Datadog
    3. Red Team Operations: Target and Capability Development from Pluralsight by Aaron Rosenmund
    4. Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK from Pluralsight by Aaron Rosenmund
    5. Blue Team Tools: Defense against Adversary Activity Using MITRE Techniques from Pluralsight by Aaron Rosenmund
  12. AWS
    1. AWS: Identity and Access Management from Whizlabs
    2. Introduction to AWS Identity and Access Management (IAM) from Simplilearn
    3. Introduction to AWS Trusted Advisor from Simplilearn
    4. Getting Started with AWS Security Hub from Simplilearn
    5. Introduction to AWS Security Token Services (STS) from Simplilearn
    6. Getting Started with AWS Control Tower from Simplilearn
  13. Snyk
    1. Application Analysis with Snyk from Pluralsight by Hiren Gadhvi
  14. Vulnerability Examples
    1. Apache Commons Text Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault
    2. Atlassian RCE Vulnerabilities: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies
    3. Log4j Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault
    4. regreSSHion - an OpenSSH RCE Vulnerability: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies
    5. XZ Backdoor Supply Chain Vulnerability: What You Should Know from Pluralsight by Aaron Rosenmund, Matthew Lloyd Davies

Strategy (1)

Security Framework: NIST CSF from Pluralsight by Mike Woolard

John's Security Framework: NIST CSF from Pluralsight by Mike Woolard

CSSLP (4)

Secure Software Concepts for CSSLP® from Pluralsight by Kevin Henry

John's Secure Software Concepts for CSSLP® from Pluralsight by Kevin Henry

Secure Software Implementation for CSSLP® from Pluralsight by Kevin Henry

John's Secure Software Implementation for CSSLP® from Pluralsight by Kevin Henry

Secure Software Testing for CSSLP® from Pluralsight by Kevin Henry

John's Secure Software Testing for CSSLP® from Pluralsight by Kevin Henry

Secure Software Supply Chain for CSSLP® from Pluralsight by Kevin Henry

John's Secure Software Supply Chain for CSSLP® from Pluralsight by Kevin Henry

Developer Security Champion (7)

Introduction to Security Champion for Developers from Pluralsight by Kat DeLorean Seymour

John's Introduction to Security Champion for Developers from Pluralsight by Kat DeLorean Seymour

Developer Security Champion: OWASP Top 10 from Pluralsight by Kat DeLorean Seymour

John's Developer Security Champion: OWASP Top 10 from Pluralsight by Kat DeLorean Seymour

Developer Security Champion: API Security from Pluralsight by Gavin Johnson-Lynn

John's Developer Security Champion: API Security from Pluralsight by Gavin Johnson-Lynn

Developer Security Champion: Data Protection Standards from Pluralsight by Kevin James

John's Developer Security Champion: Data Protection Standards from Pluralsight by Kevin James

Developer Security Champion: Encrypted Communications from Pluralsight by Henry Been

John's Developer Security Champion: Encrypted Communications from Pluralsight by Henry Been

Developer Security Champion: Secure Authentication Implementation from Pluralsight by Gavin Johnson-Lynn

John's Developer Security Champion: Secure Authentication Implementation from Pluralsight by Gavin Johnson-Lynn

Developer Security Champion: Vulnerability Testing from Pluralsight by Christian Wenz

John's Developer Security Champion: Vulnerability Testing from Pluralsight by Christian Wenz

Programming (6)

OWASP Top 10: Broken Access Control from Codecademy

John's OWASP Top 10: Broken Access Control from Codecademy

OWASP Top 10: Identification and Authentication Failures from Codecademy

John's OWASP Top 10: Identification and Authentication Failures from Codecademy

Learn about CSRF Attacks from Codecademy

John's Learn about CSRF Attacks from Codecademy

OWASP Top 10 from Snyk

John's OWASP Top 10 from Snyk

Snyk Top 10 from Snyk

John's Snyk Top 10 from Snyk

Security for Developers from Snyk

John's Security for Developers from Snyk

Access (2)

Introduction to OAuth 2.0 and OpenID Connect from Pragmatic Web Security by Dr. Philippe De Ryck

John's Introduction to OAuth 2.0 and OpenID Connect from Pragmatic Web Security by Dr. Philippe De Ryck

OAuth2 and OpenID Connect: Easy Now from Pluralsight by Roland Guijt

John's OAuth2 and OpenID Connect: Easy Now from Pluralsight by Roland Guijt

API (1)

API Security Architect from API Academy

John's API Security Architect from API Academy

Software Supply Chain Security (SSCS) (3)

Secure Coding: Using Components with Known Vulnerabilities from Pluralsight by Peter Mosmans

John's Secure Coding: Using Components with Known Vulnerabilities from Pluralsight by Peter Mosmans

Security Hot Takes: SBOMs from Pluralsight by Aaron Rosenmund, Brandon DeVault

John's Security Hot Takes: SBOMs from Pluralsight by Aaron Rosenmund, Brandon DeVault

Saviynt Supply Chain Risk Management Training from KnowBe4

John's Saviynt Supply Chain Risk Management Training from KnowBe4

John's Saviynt Supply Chain Risk Management Training from KnowBe4

Container Security (3)

Painless Vulnerability Management from Chainguard

John's Painless Vulnerability Management from Chainguard

NeuVector Basics from Rancher Academy

John's NeuVector Basics from Rancher Academy

Container Infrastructure Analysis with Trivy from Pluralsight by Zach Roof

John's Container Infrastructure Analysis with Trivy from Pluralsight by Zach Roof

Kubernetes (4)

Kubernetes Security: Cluster Setup from Pluralsight by Antonio Jesús Piedra

John's Kubernetes Security: Cluster Setup from Pluralsight by Antonio Jesús Piedra

Kubernetes Security: Cluster Hardening from Pluralsight by Erik Whitaker

John's Kubernetes Security: Cluster Hardening from Pluralsight by Erik Whitaker

Kubernetes Security: Minimizing Microservice Vulnerabilities from Pluralsight by Justin Boyer

John's Kubernetes Security: Minimizing Microservice Vulnerabilities from Pluralsight by Justin Boyer

Kubernetes Security: Implementing Supply Chain Security from Pluralsight by Antonio Jesús Piedra

John's Kubernetes Security: Implementing Supply Chain Security from Pluralsight by Antonio Jesús Piedra

DevOps (1)

Certified DevOps Information Security Engineer (DevOps-SEC) from DevOps Academy

John's Certified DevOps Information Security Engineer (DevOps-SEC) from DevOps Academy

SecOps (5)

Detect, Prioritize, and Remediate Cloud Security Risks with Datadog CSM from Datadog

John's Detect, Prioritize, and Remediate Cloud Security Risks with Datadog CSM from Datadog

Getting Started with APM Metrics & Traces from Datadog

John's Getting Started with APM Metrics & Traces from Datadog

Red Team Operations: Target and Capability Development from Pluralsight by Aaron Rosenmund

John's Red Team Operations: Target and Capability Development from Pluralsight by Aaron Rosenmund

Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK from Pluralsight by Aaron Rosenmund

John's Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK from Pluralsight by Aaron Rosenmund

Blue Team Tools: Defense against Adversary Activity Using MITRE Techniques from Pluralsight by Aaron Rosenmund

John's Blue Team Tools: Defense against Adversary Activity Using MITRE Techniques from Pluralsight by Aaron Rosenmund

AWS (6)

AWS: Identity and Access Management from Whizlabs

John's AWS: Identity and Access Management from Whizlabs

Introduction to AWS Identity and Access Management (IAM) from Simplilearn

John's Introduction to AWS Identity and Access Management (IAM) from Simplilearn

Introduction to AWS Trusted Advisor from Simplilearn

John's Introduction to AWS Trusted Advisor from Simplilearn

Getting Started with AWS Security Hub from Simplilearn

John's Getting Started with AWS Security Hub from Simplilearn

Introduction to AWS Security Token Services (STS) from Simplilearn

John's Introduction to AWS Security Token Services (STS) from Simplilearn

Getting Started with AWS Control Tower from Simplilearn

John's Getting Started with AWS Control Tower from Simplilearn

Snyk (1)

Application Analysis with Snyk from Pluralsight by Hiren Gadhvi

John's Application Analysis with Snyk from Pluralsight by Hiren Gadhvi

Vulnerability Examples (5)

Apache Commons Text Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault

John's Apache Commons Text Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault

Atlassian RCE Vulnerabilities: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies

John's Atlassian RCE Vulnerabilities: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies

Log4j Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault

John's Log4j Vulnerability: What You Should Know from Pluralsight by Bri Frost, Brandon DeVault

regreSSHion - an OpenSSH RCE Vulnerability: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies

John's regreSSHion - an OpenSSH RCE Vulnerability: What You Should Know from Pluralsight by Michael Teske, Matthew Lloyd Davies

XZ Backdoor Supply Chain Vulnerability: What You Should Know from Pluralsight by Aaron Rosenmund, Matthew Lloyd Davies

John's XZ Backdoor Supply Chain Vulnerability: What You Should Know from Pluralsight by Aaron Rosenmund, Matthew Lloyd Davies