The bearer of this certificate earned 300 total points
by completing secure coding labs through Veracode Security Labs.
Labs are a form of secure code training that
involves hands-on-keyboard
exercises, where users demonstrate their abilities to exploit and patch
code using real applications.
Stefan Uzunov
60e70cf8c0
19 Oct 2023
The following labs were completed toward certification:
| Lab Name | Topic Name | Language | Points |
|---|---|---|---|
| The Art of Redirection | General Application Security: CWE-601 Open Redirects |  NodeJS | 10 |
| React string sanitization | General Application Security: Common React Pitfalls | NodeJS | 10 |
| Sneaky links | General Application Security: Common React Pitfalls | NodeJS | 10 |
| Dangerously set HTML links | General Application Security: Common React Pitfalls | NodeJS | 10 |
| Sleeping With the Enemy | OWASP 8: Software and Data Integrity Failures |  .NET | 10 |
| To Protect and To Serve Secure Cookies | OWASP 1: Broken Access Control | .NET | 20 |
| Bugs in Debug | OWASP 2: Cryptographic Failures | NodeJS | 10 |
| Own the Database | OWASP 3: Injection | NodeJS | 10 |
| Parameterize all the things | OWASP 3: Injection | .NET | 10 |
| Parameterize all the things | OWASP 3: Injection | NodeJS | 10 |
| Can you see your reflection? | OWASP 3: Injection | NodeJS | 10 |
| Down with Uploads | OWASP 3: Injection | NodeJS | 20 |
| Stored XSS versus CSP | OWASP 3: Injection | .NET | 20 |
| Stored XSS versus CSP | OWASP 3: Injection | NodeJS | 20 |
| Can you keep a secret? | OWASP 5: Security Misconfiguration | NodeJS | 10 |
| eXternal Entity (injection) | OWASP 5: Security Misconfiguration | .NET | 10 |
| eXternal Entity (injection) | OWASP 5: Security Misconfiguration | NodeJS | 10 |
| Suspicious Packages | OWASP 6: Vulnerable and Outdated Components | .NET | 10 |
| Suspicious Packages | OWASP 6: Vulnerable and Outdated Components | NodeJS | 10 |
| Tell Mongo "no-go" for untrusted code | OWASP 8: Software and Data Integrity Failures | NodeJS | 10 |
| To Protect and To Serve Secure Cookies | OWASP 1: Broken Access Control | NodeJS | 10 |
| Get there from here | OWASP 10: Server-Side Request Forgery | NodeJS | 10 |
| Valid Deficit | OWASP 4: Insecure Design | NodeJS | 10 |
| Loose Lips Sink Servers | OWASP 1: Broken Access Control | NodeJS | 10 |
| Valid Deficit | OWASP 4: Insecure Design | .NET | 10 |
| Get there from here | OWASP 10: Server-Side Request Forgery | .NET | 10 |