RCSD Curriculum

(Reflare Certified Secure Developer)

IT Security Training for Developers

PCI-DSS 4.0 compliant security training with live challenges in the cloud.

After every practical video lesson, trainees must complete the demonstrated attack or defence technique in a live VM environment to advance.

No final exams, tedious cramming or multiple-choice questions. Just effective study and real-world experience in writing more secure code. 


Click to get started

Advantages & Benefits

  • Upload Icon

    Runs in the cloud

    All of the lessons and challenges run entirely on Amazon's AWS infrastructure. This means we can scale to any number of users and you don't need to install any software.

  • Flag Icon

    Real world skills

    We know that you can only write secure code if you understand how weaknesses are abused. RCSD teaches trainees both the practical attack and defence skills needed to improve the quality of their work.

  • Money Icon

    Per user licensing

    You pay per trainee per training. No hidden fees or yearly costs for content updates. You decide if and when you want to retrain one of your developers.

  • World Icon

    Anyplace, Anytime

    Allow your users to train at a time that suits them. On site, on the road or at home, all that is required is an internet connection in a modern HTML5 browser.

  • Statistics Icon

    Track Progress

    Add your trainee, set your completion date, and leave the rest to us. We take care of trainee commencement, tracking and deadline reminders. Your easy-to-use admin interface allows you to track group and individual developers' progress.

RCSD Lessons for Developers - Stage A
Lesson 1: Introduction & How-To
Lesson 2: Input Validation - Cross-Site Scripting (XSS)
Lesson 3: Client Side Input Validation
Lesson 4: Input Validation - SQL Injection (SQLi)
Lesson 5: Input Validation - Command Injection (CMDi)
Lesson 6: Input Validation - File Uploads
Lesson 7: Input Validation - Remote File Inclusion (RFI)
Lesson 8: Forced Browsing
Lesson 9: Directory Traversal
Lesson 10: Authentication
Lesson 11: Session Management
Lesson 12: Authorization
Lesson 13: Sniffing, MITM & SSL
Lesson 14: Open Redirects
Lesson 15: Cross-Site Request Forgery (CSRF)
Lesson 16: Information Leakage
Lesson 17: Browser Security Measures
Lesson 18: Simple Scanner Usage
Lesson 19: Closing Thoughts
RCSD Lessons for Developers - Stage B
Lesson 1: XPath Injection
Lesson 2: Buffer Overflows
Lesson 3: Secure Cryptographic Storage
Lesson 4: Encrypted Databases
Lesson 5: Logging
Lesson 6: Environment Separation
Minimum time commitment to complete RCSD training: 4 hours.

For training administrators, explore Reflare’s Administrator (RCSA) program. Individual IT security awareness modules and a range of compliance training bundles are also available for non-tech Employees (RCSE).

“A solution that so easily combines learning materials with hands on experience of the training topic. Like no other product on the market.”

Branimir Pacar - CEO.

Dot.Bit Information Security Services

Another Ecstatic Reflare Certified Secure Developer

Book a demo

Ready to learn more? We are here to help!
Message our team to book a virtual consultation.

Send us a direct message from your email account.
Please include the nature of your inquiry and contact
method you would prefer us to use to respond.

Email Us

If you wish to avoid the email song and dance
and speak with us directly, then simply click below to
schedule a 30 minute virtual meeting at a time that suites you.

Schedule Meeting