After every practical video lesson, trainees must complete the demonstrated attack or defence technique in a live VM environment to advance.
No final exams, tedious cramming or multiple-choice questions. Just effective study and real-world experience in writing more secure code.
Your developers hate their current IT security training. Don’t believe us? Just ask them! Most training platforms are static, tedious and end in a multiple-choice test devoid of any real-world application. For most users, security training programs are a nuisance, not a chance to improve their skills. RCSD focuses on trainee learning experience while improving outcomes.
RCSD delivers the practical knowledge on common web vulnerabilities in short, simple to follow video lessons. After every lesson, Reflare boots a VM that contains a proprietary challenge. To demonstrate retained learning and proceed to the next lesson, the trainee must successfully either attack or defend the system against the taught vulnerability.
Used by start-ups through to Fortune 500 multinationals, delivering PSI-DSS 3.2 compliant developer training has never been easier. No need to worry about ongoing maintenance costs, as RCSD requires no client-side infrastructure, plug-ins or applications. All trainees require to take training is a modern HTML5 enabled browser and an internet connection.
All of the lessons and challenges run entirely on Amazon's AWS infrastructure. This means we can scale to any number of users and you don't need to install any software.
We know that you can only write secure code if you understand how weaknesses are abused. RCSD teaches trainees both the practical attack and defence skills needed to improve the quality of their work.
You pay per trainee per training. No hidden fees or yearly costs for content updates. You decide if and when you want to retrain one of your developers.
Allow your users to train at a time that suits them. On site, on the road or at home, all that is required is an internet connection in a modern HTML5 browser.
Add your trainee, set your completion date, and leave the rest to us. We take care of trainee commencement, tracking and deadline reminders. Your easy-to-use admin interface allows you to track group and individual developers' progress.
| RCSD Lessons for Developers - Stage A |
|---|
| Lesson 1: Introduction & How-To |
| Lesson 2: Input Validation - Cross-Site Scripting (XSS) |
| Lesson 3: Client Side Input Validation |
| Lesson 4: Input Validation - SQL Injection (SQLi) |
| Lesson 5: Input Validation - Command Injection (CMDi) |
| Lesson 6: Input Validation - File Uploads |
| Lesson 7: Input Validation - Remote File Inclusion (RFI) |
| Lesson 8: Forced Browsing |
| Lesson 9: Directory Traversal |
| Lesson 10: Authentication |
| Lesson 11: Session Management |
| Lesson 12: Authorization |
| Lesson 13: Sniffing, MITM & SSL |
| Lesson 14: Open Redirects |
| Lesson 15: Cross-Site Request Forgery (CSRF) |
| Lesson 16: Information Leakage |
| Lesson 17: Browser Security Measures |
| Lesson 18: Simple Scanner Usage |
| Lesson 19: Closing Thoughts |
| RCSD Lessons for Developers - Stage B |
|---|
| Lesson 1: XPath Injection |
| Lesson 2: Buffer Overflows |
| Lesson 3: Secure Cryptographic Storage |
| Lesson 4: Encrypted Databases |
| Lesson 5: Logging |
| Lesson 6: Environment Separation |
| Minimum time commitment to complete RCSD training: 4 hours. |
|---|
For training administrators, explore Reflare’s Administrator (RCSA) program. Individual IT security
awareness modules and a range of compliance training bundles are also available for non-tech Employees (RCSE).
“A solution that so easily combines learning materials with hands on experience of the training topic. Like no other product on the market.”
Branimir Pacar - CEO.
Dot.Bit Information Security Services
Another Ecstatic Reflare Certified Secure Developer
Ready to learn more? We are here to help!
Message our team to book a virtual consultation.
Send us a direct message from your email account.
Please include the nature of your inquiry and contact
method you would prefer us to use to respond.
Email Us
If you wish to avoid the email song and dance
and speak with us directly, then simply click below to
schedule a 30 minute virtual meeting at a time that suites you.
Schedule meeting
