NIST Archives

COD 245 – Securing NoSQL Cloud Databases (NEW)

25 Minutes

0.4 CPE

AWA 106 – Building Secure Software: Challenges in Application Security (NEW)

5 Minutes

0.1 CPE

AWA 107 – Building Secure Software: Foundations & Best Practices (NEW)

15 Minutes

0.3 CPE

AWA 108 – Building Secure Software: A Guide to Software Integration, Testing, and Deployment (NEW)

20 Minutes

0.4 CPE

LAB 638 – Using Mimikatz

15 Minutes

0.3 CPE

LAB 639 – Using an Exploit Framework via Command Line Interface

15 Minutes

0.3 CPE

LAB 354 – Defending Go Applications Against Improper Authentication

15 Minutes

0.3 CPE

LAB 350 – Defending Go Applications Against SQL Injection

15 Minutes

0.3 CPE

LAB 352 – Defending Go Applications Against Cross-Site Scripting

15 Minutes

0.3 CPE

DES 270 – Mitigating OWASP Mobile Top 10 Risks

30 Minutes

0.6 CPE

COD 325 – Protecting Data in C# for .NET Core

30 Minutes

0.6 CPE

COD 310 – Securing ASP.NET Core Applications

20 Minutes

0.4 CPE

LAB 633 – Using an Exploit Framework for Web Application Scanning

30 Minutes

0.6 CPE

DES 250 – Secure Software Acceptance and Deployment

25 Minutes

0.5 CPE

LAB 340 – Defending C Applications Against Use After Free

15 Minutes

0.3 CPE

LAB 341 – Defending C++ Applications Against Use After Free

15 Minutes

0.3 CPE

LAB 347 – Defending C Applications Against Null Pointer Dereference

15 Minutes

0.3 CPE

LAB 329 – Defending Go Applications Against SSRF

15 Minutes

0.3 CPE

LAB 333 – Defending Go Applications Against Hard-coded Credentials

15 Minutes

0.3 CPE

LAB 338 – Defending Go Applications Against CSRF

15 Minutes

0.3 CPE

LAB 339 – Defending Go Applications Against Path Traversal

15 Minutes

0.3 CPE

LAB 342 – Defending TypeScript Applications Against Command Injection

15 Minutes

0.3 CPE

LAB 343 – Defending Go Applications Against Command Injection

15 Minutes

0.3 CPE

LAB 344 – Defending TypeScript Applications Against Incorrect Authorization

15 Minutes

0.3 CPE

LAB 345 – Defending Go Applications Against Incorrect Authorization

15 Minutes

0.3 CPE

LAB 346 – Defending TypeScript Applications Against Deserialization of Untrusted

15 Minutes

0.3 CPE

LAB 626 – Using an Exploit Framework for SQL Injection

30 Minutes

0.6 CPE

LAB 627 – Using an Exploit Framework for Port Scanning

15 Minutes

0.3 CPE

LAB 628 – Using an Exploit Framework for SMB Version Scanning

15 Minutes

0.3 CPE

LAB 629 – Using an Exploit Framework for SNMP Scanning

15 Minutes

0.3 CPE

API 351 – Securing Kubernetes in the Build and Release Stages

25 Minutes

0.5 CPE

LAB 327 – Defending C Applications Against Path Traversal

5 Minutes

.25 CPE

LAB 328 – Defending C++ Applications Against Path Traversal

5 Minutes

.25 CPE

LAB 616 – ATT&CK: Host Vulnerability Scanning

15 Minutes

.25 CPE

LAB 620 – ATT&CK: Advanced Exploit of Remote Services

30 Minutes

.25 CPE

LAB 625 – ATT&CK: Advanced Exploit of Public-Facing Application

30 Minutes

.25 CPE

COD 268 – Mitigating TypeScript Application Vulnerabilities

30 Minutes

.5 CPE

DES 364 – Mitigating Low-Code/No-Code Authentication and Secure Communication Failures

20 Minutes

.5 CPE

COD 304 – Principles of C++ Memory Safety

25 Minutes

.5 CPE

COD 306 – C++ Memory Safety: Debugging Tools and Techniques

20 Minutes

.5 CPE

LAB 206 – Defending Python Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 207 – Defending Node.js Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 208 – Defending C# Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 619 – ATT&CK: Exfiltration Over C2 Channel

30 Minutes

.6 CPE

COD 215 – Mitigating .NET Application Vulnerabilities

25 Minutes

.5 CPE

CYB 213 – Generative AI Privacy & Cybersecurity Risk

30 Minutes

.6 CPE

LAB 301 – Defending Java Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 302 – Defending Python Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 303 – Defending C# Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 304 – Defending Node.js Applications Against Open Redirect

5 Minutes

.25 CPE

LAB 305 – Defending Java Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 306 – Defending Python Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 307 – Defending C# Applications Against Weak Password Reset

5 Minutes

0.25 CPE

LAB 308 – Defending Node.js Applications Against Weak Password Reset

5 Minutes

.25 CPE

LAB 309 – Defending TypeScript Applications Against Unrestricted Upload of File with Dangerous Type

5 Minutes

.25 CPE

LAB 314 – Defending TypeScript Applications Against SSRF

5 Minutes

.25 CPE

LAB 316 – Defending TypeScript Applications Against Hard-coded Credentials

5 Minutes

.25 CPE

LAB 320 – Defending TypeScript Applications Against Code Injection

5 Minutes

.25 CPE

LAB 325 – Defending TypeScript Applications Against CSRF

5 Minutes

.25 CPE

LAB 326 – Defending TypeScript Applications Against Path Traversal

5 Minutes

.25 CPE

COD 288 – Java Public Key Cryptography

20 Minutes

0.5 CPE

LAB 287 – Defending Java Applications Against Null Pointer Dereference

10 Minutes

.25 CPE

LAB 288 – Defending C# Applications Against Null Pointer Dereference

10 Minutes

.25 CPE

LAB 289 – Defending Java Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 290 – Defending Python Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 291 – Defending Node.js Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 292 – Defending C# Applications Against Path Traversal

10 Minutes

.25 CPE

LAB 293 – Defending Java Applications Against Integer Overflow

10 Minutes

.25 CPE

LAB 294 – Defending C# Applications Against Integer Overflow

10 Minutes

.25 CPE

LAB 617 – ATT&CK: Testing for Plaintext Secrets in Files

12 Minutes

.25 CPE

LAB 618 – ATT&CK: Log Analysis

12 Minutes

.25 CPE

API 251 – Implementing Web Application and API Protection (WAAP)

35 Minutes

0.75 CPE

DES 361 – Mitigating LCNC (Low-Code/No-Code) Account Impersonation

20 Minutes

.5 CPE

DES 362 – Mitigating LCNC (Low-Code/No-Code) Authorization Misuse

20 Minutes

.5 CPE

LAB 201 – Defending Java Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 202 – Defending Python Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 203 – Defending C# Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 204 – Defending Node.js Applications Against Canonicalization

5 Minutes

.1 CPE

LAB 205 – Defending Java Applications Against XPath Injection

5 Minutes

.1 CPE

LAB 275 – Defending Java Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 276 – Defending Python Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 277 – Defending Node.js Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 278 – Defending C# Applications Against Command Injection

10 Minutes

0.25 CPE

LAB 279 – Defending Java Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 280 – Defending Python Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 281 – Defending Node.js Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 282 – Defending C# Applications Against Dangerous File Upload

10 Minutes

0.25 CPE

LAB 283 – Defending Java Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 284 – Defending Python Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 285 – Defending Node.js Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 286 – Defending C# Applications Against RegEx DoS

10 Minutes

0.25 CPE

LAB 612 – ATT&CK: Testing for Network Services Identification

12 Minutes

0.25 CPE

LAB 613 – ATT&CK: Testing for Vulnerability Identification Using Vulnerability Databases

12 Minutes

0.25 CPE

LAB 137 – Identifying Improper Authorization

5 Minutes

0.25 CPE

LAB 138 – Identifying Authorization Bypass Through User-Controlled Key

5 Minutes

0.25 CPE

LAB 139 – Identifying Use of a Key Past its Expiration Date

5 Minutes

0.25 CPE

CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT

40 Minutes

0.75 CPE

CYB 311 – Threat Analysis with AI

20 Minutes

0.5 CPE

ENG 320 – Using Software Composition Analysis (SCA) to Secure Open-Source Components

20 Minutes

0.5 CPE

LAB 133 – Identifying Exposure of Sensitive Information Through Environmental Variables

5 Minutes

0.25 CPE

 Home/ Course Catalog/ Subject Matter/NIST

NIST

Courses

Training & Product

Solutions

About Us