Key Areas of Competency:

  • Threat detection
  • OWASP security standards
  • Glassbox scanning, cross-site scripting, broken authentication, cross-site request forgery
  • Threat analysis and protection


  • Basic web development knowledge
  • Basic knowledge on HTML and HTTP
  • Basic knowledge of application security


Basic understanding of:

  • Threat detection
  • Threat analysis
  • Web Security fundamentals

Skills Roadmap

Gain insights into key industry skills and competencies by utilizing these roadmaps to enhance and transform curriculum for new collar jobs.

  Cyber Security Overview

Security Overview, Trends, Case Studies

Emerging threats and leaks

Security standards and frameworks

  Cyber Security Foundations

HTML5 and JavaScript programming

  • Understand the differences between HTML4 and HTML5
  • List some HTML document API properties and methods
  • Understand how scripting is enabled in browsers
  • Understand browser support for HTML5 features

JavaScript programming

Describe JavaScript primitives and objects

  • Explain how variables are declared and used
  • Describe JavaScript control structures
  • document object model (DOM) hierarchy

SQL relational database, objects and tables

  • Work with JOINs
  • Understand relational database concepts
  • Learn how to work with Entity-Relationship diagrams
  • Understand constraints and explain injection flaws and SQL Injection attack
  • Describe the cybersecurity assessment and response

  Web Development & Application Security Overview

Web application components and security issues

  • Understand security operations optimizations and implementation
  • Understand how to identify and access management

Data and application/SDLC overview

Infrastructure and endpoint security services overview

Understand managed security services

OWASP web application security attack classification

Broken authentication and session management attacks

  • Understand Session hijacking and fixation
  • Weak session management, authentication management and prevent hijacking
  • Cross Scripting attacks and phishing attacks – identification and prevention methods

Identify sensitive data exposure issues, and missing function-level access control attacks

Explain cross-site request forgery (CSRF)

  • Testing using OWASP’s CSRFTester tool

Configure scans, review results, and reporting methods

  Testing Services

Security misconfiguration

Vulnerability testing, scanning and threat modeling

Glass Box testing

Make your courses IBM Digital badge eligible.

Key software and other resources

Free IBM software, platforms, and services

Please visit to register. Once registered
you can download the full suite of IBM Cloud for free.

Other tools and system requirements

Other tools and system requirements

Explore IBM Skill Accelerator Roadmaps

Click here to learn more about how IBM can partner with your campus