• Online, Instructor-Led
Course Description

The Security Journey Yellow Belt takes your technical staff deeper into the topics that are most critical to keeping your products and applications secure. Security Yellow Belt provides an understanding of secure design principles, a deep-dive into attacks and attackers, and a roadmap for how to use all the pieces of a successful application security program. Unleash your inner security person by earning the Security Journey Yellow Belt.

About: Security Journey is the leader in application security education using security belt programs. We guide our clients - many in tech, healthcare, and finance - to building long-term, sustainable security culture. We incorporate everything you need to deploy and manage an education program. Our cloud-based platform delivers application security lessons from an ever-growing library of content, provides hands-on, immersive experiments measures student and organizational growth, reward student achievements, and transforms an enterprise's security culture. Using the Security Journey conversational approach, students learn through real security people sharing their passion for security. We promote security awareness organization-wide with learning that is engaging, motivating, and fun. In short, we provide security education developers, testers, and managers love.

Learning Objectives

  • The most important principles of security: secure design, input validation, authentication, authorization, logging, and cryptography
  • How to combat the most common and dangerous kinds of attacks: OWASP Top 10, buffer overflows, denial of service, and the social engineering techniques hackers use to breach systems
  • The tools and processes that will uncover and mitigate vulnerabilities: threat modeling, static and dynamic analysis, vulnerability scanning, pen testing, and more


Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Program/Project Management and Acquisition
  • Risk Management
  • Software Development
  • Systems Architecture
  • Systems Development
  • Training, Education, and Awareness