The bearer of this certificate earned 300 total points
by completing secure coding labs through Veracode Security Labs.
Labs are a form of secure code training that
involves hands-on-keyboard
exercises, where users demonstrate their abilities to exploit and patch
code using real applications.
Waheed Ayubi
5bd0e2512a
10 Dec 2025
The following labs were completed toward certification:
| Lab Name | Topic Name | Language | Points |
|---|---|---|---|
| Really, really bad passwords | OWASP API 2: Broken Authentication |  NodeJS | 10 |
| Really, really bad passwords | OWASP API 2: Broken Authentication |  Java | 10 |
| Terrible Password Challenge | OWASP API 2: Broken Authentication |  .NET | 10 |
| One ID to Access All Objects | OWASP API 1: Broken Object Level Authorization | Java | 10 |
| Terrible Password Challenge | OWASP API 2: Broken Authentication | Java | 10 |
| One ID to Access All Objects | OWASP API 1: Broken Object Level Authorization | .NET | 10 |
| One ID to Access All Objects | OWASP API 1: Broken Object Level Authorization | NodeJS | 10 |
| Terrible Password Challenge | OWASP API 2: Broken Authentication | NodeJS | 10 |
| Stronger IDs | OWASP API 1: Broken Object Level Authorization | .NET | 10 |
| Really, really bad passwords | OWASP API 2: Broken Authentication | .NET | 10 |
| Retrieval Without Validation | OWASP API 7: Server-Side Request Forgery [SSRF] | NodeJS | 10 |
| Stronger IDs | OWASP API 1: Broken Object Level Authorization | Java | 10 |
| Gift Cards at Risk | OWASP API 10: Unsafe Consumption of APIs | NodeJS | 10 |
| Stronger IDs | OWASP API 1: Broken Object Level Authorization | NodeJS | 10 |
| Slow Down | OWASP API 2: Broken Authentication | NodeJS | 10 |
| Slow Down | OWASP API 2: Broken Authentication | Java | 10 |
| Slow Down | OWASP API 2: Broken Authentication | .NET | 10 |
| Brute Force Challenge | OWASP API 2: Broken Authentication | NodeJS | 10 |
| Bugs in Debug | OWASP API 3: Broken Object Property Level Authorization | NodeJS | 10 |
| Revealing Schemas | OWASP API 3: Broken Object Property Level Authorization | NodeJS | 10 |
| Bad Design Compromises Security | OWASP API 3: Broken Object Property Level Authorization | NodeJS | 10 |
| Neglected endpoints | OWASP API 5: Broken Function Level Authorization | NodeJS | 10 |
| Denial of Service | OWASP API 4: Unrestricted Resource Consumption | NodeJS | 10 |
| eXternal Entity (injection) | OWASP API 8: Security Misconfiguration | NodeJS | 10 |
| Jot down this key | OWASP API 8: Security Misconfiguration | NodeJS | 10 |
| Secret Admin Challenge | OWASP API 8: Security Misconfiguration | NodeJS | 10 |
| eXternal Entity (injection) | OWASP API 8: Security Misconfiguration | Java | 10 |
| Unprotected Deployments | OWASP API 9: Improper Inventory Management | NodeJS | 10 |
| The Great Referral Quest | OWASP API 6: Unrestricted Access to Sensitive Business Flows | .NET | 10 |
| XML is always a Challenge | OWASP API 8: Security Misconfiguration | NodeJS | 10 |