Artificial Intelligence (AI)
- NIST AI Risk Management Framework (RMF)
- OWASP Top 10 for Large Language Model (LLM) Applications
Automotive Security
- Automotive Security: United Nations Economic Commission for Europe [UNECE] World Forum for Harmonization of Vehicle Regulations (WP.29) Regulation 155 (R155) for Cyber Security Management System (CSMS), ISO 21434 & ISA 62443-4-2 – Automotive Cybersecurity
- Connected cars communication protocols, secure update, privacy, access control, and encryption requirements.
Client and Desktop Applications
- .NET 6
- C/C++ (POSIX and Microsoft)
Hardware Security
- Hardware, firmware, and embedded device controls
- Hardware problems based on CWE 4.3 weaknesses
Industry Standards
- ASD-STIG 5
- ASVS 4.0
- CWE TOP 25, 2023
- CWE 4.13
- CWE/SANS Top 25, 2020
- CVSS 3
- MDS2-2013
- OWASP Top 10 2017
- OWASP API Top 10, 2019
- NIST 800-53r4 (Granular Mandates)
- NIST 800-53r5
- NIST 800-82 Industrial Control Systems
- NIST 800-95 Web Services
- NIST 800-147/800-155 BIOS/FW
- NIST 800-171 Non Federal Systems
- U.S. Federal Government: Control Correlation Identifier (CCI)
Internet of Things (IoT)
- Authentication and Access Control
- Bluetooth
- Communication Protocols: MQTT, XMPP, AMQP, Thread, HyperCat, ZigBee, Pub/Sub
- Availability and Systems DoS Protection
- RFID Solutions
- WiFi
- Consumer IoT: ETSI EN 303 645
Just-In-Time Developer Training
- Appsec Fundamentals
- CCPA for Software Development
- Continuous Compliance
- Defending .NET
- Defending AI
- Defending Android
- Defending ASP.NET Core in C#
- Defending C
- Defending Cloud-based Application
- Defending Databases
- Defending Django
- Defending HTML5
- Defending iOS
- Defending Java
- Defending JSP
- Defending Node.js
- Defending PHP
- Defending Python
- Defending Web APIs
- Defending Web Apps
- GDPR for Developers
- Microservices
- Mobile Security Fundamentals
- OpSec Fundamentals
- OWASP Top 10 2017
- PCI-DSS Compliance
- PCI Secure Software Lifecycle
Mainframe Applications
- COBOL
- Secure Development Guidelines
Mobile Applications
- Android Framework (Java and Kotlin)
- Flutter / Dart
- iOS Framework (Objective-C and Swift)
- OWASP Mobile ASVS
Operational & Deployment Security
- Amazon Web Services (AWS)
- Apache HTTP Server
- Apache Tomcat Server
- AWS API Gateway
- AWS Cognito
- AWS Kinesis Data Firehose and Data Streams
- AWS Lambda
- AWS WAF
- AWS SQS and AWS RDS
- Azure AKS
- Docker
- Google Cloud Platform
- Infrastructure as Code (IaC): Ansible
- Kubernetes
- Microservices Infrastructure
- Microsoft Azure
- Microsoft IIS Server
- Microsoft SQL Server
- MySQL
- OpenShift
- Oracle database
Regulatory and Compliance
Privacy Related:
- Anti-Spam Guidelines/CASL
- Brazilian LGPD
- California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) (California Civil Code)
- California Online Privacy Protection Act (CalOPPA)
- CNIL Cookie Guidelines
- COPPA
- EU Privacy and Cookie Laws
- GAPP
- GDPR (&/UK)
- New York Shield Act (S5575B)
- NIST 800-53 Privacy Controls
- PIPEDA/ECPA/CAN-SPAM
Web Applications and Services
- Apex for Force.com
- C#, Visual Basic.NET, ASP.NET
- GoLang
- C/C++
- COBOL
- HTML5 and CSP
- Java SE / EE
- Java Libraries and Frameworks: (ESAPI, Struts, Spring, Apache Wicket, Hibernate)
- JavaScript (Angular, React, Node)
- JSP, Servlets
- PHP
- Python (Django)
- Ruby on Rails
- Rust
- GraphQL
- TypeScript
- OAuth and OIDC
- SOAP & REST APIs
- XML & YAML Security