Coding Labs helps developers advance their secure coding skills through hands-on training with intuitive feedback. Developers can advance their secure coding skills in a one-of-a-kind fully powered in-browser IDE. When Coding Labs are added to Courses, developers are given the opportunity to practice the knowledge they have gained during the course.
- For more information on Coding Labs see Coding Labs Overview
- For more information on editing published courses see How to Edit a Course
To add a Coding Lab to a Course
Labs are available in: (additional languages in development)
- C# (.Net) Core
- C# (.Net) Web API
- Java Enterprise Edition (Basic)
- Java Spring
- Java Spring API
- Javascript Node.js (Express)
- JavaScript React
- Python Django
- TypeScript Node.js(Express)
- TypeScript React
Coding Labs are available in the following templates for either all or some of the languages listed above:
- Introductory Course
- Introduction to OWASP Top 10 Awareness (with latest updates from the Web top 10 2021)
- In-depth OWASP Top 10 Awareness (with latest updates from the Web top 10 2021)
- PCI DSS v4.0 Recommendations
- Secure Code Warrior Recommendations
- Security Measures for "EO-Critical Software" Use Under Executive Order (EO) 14028
- Storyline OWASP TOP 10 2021
- PCI DSS v3.2.1 Recommendations
Step 1
Create a new course and add a supported language, or;
Edit an existing course that already contains a supported language, or;
Edit an existing course and add a supported language.
Step 2
Select Course Content and then select a course module that contains content related to one of the supported OWASP Top 10 vulnerabilities:
- Access Control: Missing Function Level Access Control
- Authentication: Improper Authentication
- Cross-Site Scripting (XSS): Stored Cross-Site Scripting
- File Upload Vulnerability: Unrestricted File Upload
- Injection Flaws: Path Traversal
- Injection Flaws: SQL injection
- Injection Flaws: OS Command Injection
- Insecure Cryptography: Insecure Randomness
- Insufficient Logging and Monitoring
- Mass Assignment
- Sensitive Data Storage: Plaintext Storage of Passwords
- Server-Side Request Forgery: Server-Side Request Forgery (SSRF)
- Unvalidated Redirects and Forwards: Unvalidated Redirects and Forwards
- Vulnerable Components: Using Components From Untrusted Source
- XML External Entities (XXE)
Step 3
Select the ellipsis next to the right of the module name and select Add activity
Step 4
Select Coding lab and then select the required Category and Subcategory
Step 5
Select Apply changes. The selected Coding Lab will be added to the module.
Related Links:
Comments
0 comments
Please sign in to leave a comment.