Certificate - Security Labs

The bearer of this certificate earned 300 total points by completing secure coding labs through Veracode Security Labs. Labs are a form of secure code training that involves hands-on-keyboard exercises, where users demonstrate their abilities to exploit and patch code using real applications.

Graham Griffiths

5fea13fb0f

15 Jan 2021

The following labs were completed toward certification:

Lab Name	Topic Name	Language	Points
Terrible Password [DEPRECATED] Challenge	OWASP 2017 A2: Broken Authentication [DEPRECATED]	NodeJS	10
Bad Cookie [DEPRECATED] Challenge	OWASP 2017 A5: Broken Access Control [DEPRECATED]	NodeJS	10
Can you keep a secret? [DEPRECATED]	OWASP 2017 A6: Security Misconfiguration [DEPRECATED]	NodeJS	10
Hash it, store it, salt - upgrade it [DEPRECATED]	OWASP 2017 A2: Broken Authentication [DEPRECATED]	Python Django	10
XML is always a challenge [DEPRECATED] Challenge	OWASP 2017 A4: XML External Entities (XXE) [DEPRECATED]	Python Django	10
The Art of Redirection	General Application Security: CWE-601 Open Redirects	NodeJS	10
No Going Back Challenge	General Application Security: CWE-601 Open Redirects	NodeJS	10
Helpful Stack Trace [DEPRECATED] Challenge	OWASP 2017 A3: Sensitive Data Exposure [DEPRECATED]	Python Django	10
Authentication Bypass [DEPRECATED]	OWASP 2017 A2: Broken Authentication [DEPRECATED]	NodeJS	10
Check your sources [DEPRECATED]	OWASP 2017 A7: Cross-Site Scripting (XSS) [DEPRECATED]	Java	20
Own the database [DEPRECATED]	OWASP 2017 A1: Injection [DEPRECATED]	.NET	10
Parameterize all the things [DEPRECATED]	OWASP 2017 A1: Injection [DEPRECATED]	.NET	10
Bobby Tables [DEPRECATED] Challenge	OWASP 2017 A1: Injection [DEPRECATED]	.NET	10
Really, really bad passwords [DEPRECATED]	OWASP 2017 A2: Broken Authentication [DEPRECATED]	.NET	10
Fix the Sessions [DEPRECATED]	OWASP 2017 A5: Broken Access Control [DEPRECATED]	Java	10
eXternal Entity (injection) [DEPRECATED]	OWASP 2017 A4: XML External Entities (XXE) [DEPRECATED]	.NET	10
To Protect and to Serve Secure Cookies [DEPRECATED]	OWASP 2017 A5: Broken Access Control [DEPRECATED]	.NET	20
Jot down this key [DEPRECATED]	OWASP 2017 A6: Security Misconfiguration [DEPRECATED]	.NET	10
Bulky Updates [DEPRECATED]	OWASP 2017 A6: Security Misconfiguration [DEPRECATED]	Rails	10
Bugs in Debug [DEPRECATED]	OWASP 2017 A3: Sensitive Data Exposure [DEPRECATED]	.NET	10
Can you see your reflection? [DEPRECATED]	OWASP 2017 A7: Cross-Site Scripting (XSS) [DEPRECATED]	.NET	10
Down with Uploads [DEPRECATED]	OWASP 2017 A7: Cross-Site Scripting (XSS) [DEPRECATED]	.NET	20
Stored XSS versus CSP [DEPRECATED]	OWASP 2017 A7: Cross-Site Scripting (XSS) [DEPRECATED]	.NET	20
Timing is everything [DEPRECATED] Challenge	OWASP 2017 A1: Injection [DEPRECATED]	Python Django	10
Secret Logging [DEPRECATED] Challenge	OWASP 2017 A3: Sensitive Data Exposure [DEPRECATED]	Python Flask	10
External Resolution [DEPRECATED] Challenge	OWASP 2017 A4: XML External Entities (XXE) [DEPRECATED]	Python Flask	10
Secret Admin [DEPRECATED] Challenge	OWASP 2017 A6: Security Misconfiguration [DEPRECATED]	Python Flask	10

Veracode Security Labs Champion Level 3 Certificate