Application Security Engineer - Author Award for Professionals 2017 - 2019 - Badge
Name
Application Security Engineer - Author Award for Professionals 2017 - 2019.
Issuer
IBM.
Description
The badge earner has significantly contributed to the authoring of courseware: labs; exams; quizzes; virtual machines; etc. The course objective is to teach students how to scan & test web applications for the identification and analysis of vulnerabilities & attacks; using IBM AppScan Standard. The author has developed assets that teach students topics such as OWASP web application security standards; SQL injection flaws; cross-site scripting; sensitive data exposure; and Glass box scanning.
Badge Criteria
What it takes to earn this badge:
- Expected to be an Information Technology professional working for IBM an IBM Customer or Business Partner and attending the IBM Skills Academy.
- Subject Matter Expertise of topics in Module I - Cyber Security Overview: Covering Security Overview Trends Case Studies Security standards and framewks.
- Subject Matter Expertise of topics in Module II - Cyber Security Foundations: Covering Application Security Technologies: - HTML5 and JavaScript Programming - SQL Relational database objects and tables.
- Subject Matter Expertise of topics in Module III - Application Security Analyst: Web application security threats OWASP attack classifications SQL injection attacks Broken authentication Cross-site Scripting Insecure direct object reference Sensitive data exposure Cross-site request fgery Security in the software development lifecycle Automated security scans and test Vulnerability testing Repting Scanning sites that use JavaScript and Flash Glass box Troubleshooting AppScan.
- The above expertise must be demonstrated by holding a professional certification and/ have 5 years of experience in the application development a relevant field.
- Validated contribution to the development of assets of the course components by the wld wide IBM education program leader.
Tags
Skills indicated by the badge
Insecure Direct Object Reference|Security Misconfiguration|Sensitive Data Exposure|Function-level Access Control|Cross-site Request Forgery|Unvalidated Redirects|SDLC|Security Vulnerabilities|IBM AppScan Standard|Security Scans|Application Scans|Ethical Hacking|Vulnerability Testing|Threat Modeling|Glass Box|Web Services|SDK|AXF|Web Application Security|Security Breach|OWASP Classifications|WASC Classification|Security Testing|HTML|Scripting|Web2.0|AJAX|HTTP|Injection Flaws|SQL Injection|Broken Authentication|Session Hijacking|Cross-site Scripting