Logically Speaking May 2020
May 20, 2020

Welcome to Logically Speaking. What's the one thing all application developers need to know? The answer: Security by Design. This issue focuses on Cyber Secure Coder: where it fits with other programming courses; how it helps application developers put security first, last, and always; why application developers need to learn Security by Design; resources for teaching CSC, and more. 

In this issue:

Give Your Students What They Need to Know: How to Code Securely

by Jon O'Keefe, MCCT, Technology Education Jedi

If you’re already teaching programming, CertNexus Certified Cyber Secure Coder® (Exam CSC-210) is the perfect addition to your training portfolio. Any person who does application development and design needs to know how to code, and that’s why they’ve come to you to learn Python, .Net, HTML5, JavaScript, or any of the other languages that you teach. The one missing component from that programming curriculum is a course that focuses on “Security by Design” best practices and how to handle the OWASP Top 10.

In this increasingly Agile and DevOps driven world, an extra emphasis has been placed on application developers building security into each phase of their projects. It is no longer enough to have code that “works” and place security on top of it. Security of an applications starts with the developer having a foundational understanding of “Security by Design” best practices.

Cyber Secure Coder is the answer to this. It is a vendor neutral, “Security by Design” principles course that uses object-oriented programming languages like Python and JavaScript for its examples. With Cyber Secure Coder added to your coding curriculum, you can offer students mastery of these programming languages as well as mastery of security best practices, how to design around the OWASP Top 10, and how to develop applications with an Agile or DevOps framework in mind.

Secure Coding: A Must Have for EVERY Developer

by Jim Gabalski, Vice President Sales and Marketing

Application Developers create solutions that live on many platforms—cell phones, tablets, personal computers, servers, the cloud—but they all do the same thing, they write code!

Whether developers are programming in C, C++, C#, Python, Java, .NET, JavaScript, HTML, Perl, or any other language, they are creating applications that are likely not “Secure by Design.” Security by Design principles can be generally applied to any language a developer is coding in. Cyber Secure Coder from CertNexus, and offered by Logical Operations, teaches developers about general coding vulnerabilities that undermine security, how to identify and remediate security defects in code, how to design software to deal with the human element of security, and how to incorporate security into all phases of application development.

Cyber Secure Coder (CSC) is a perfect complement to any introductory or advanced programming/application development course. Your best candidates live in software architecture, design, development, and testing roles. Offering CSC as an add-on to a programming class or as part of a programming bundle is a great strategy to help your application development students create solutions that are Secure by Design.

VBA and CSC: A Great Curriculum Fit

by Brian Wilson, Senior Instructional Designer

The CertNexus Certified Cyber Secure Coder® (Exam CSC-210) course helps you employ security principles and best practices that are applicable in any coding or scripting environment.  

For example, it would make a great companion piece for Logical Operations’ upcoming 3-day offering, Programming and Data Wrangling with VBA and Excel®. This course is designed for those who want to use VBA to enhance and extend the capabilities of Microsoft Excel, by automating tasks such as collecting data from external sources, cleaning and manipulating data, and creating custom visualizations. VBA gives you the power to accomplish these and other repetitive tasks that would be cumbersome, difficult, or even impossible with worksheet functions alone. 

Logical Operations will also release a 1-day version, VBA with Microsoft® Excel®, which is an excellent concise training option if you are looking to gain the basic foundational skills to create and use VBA in your own Excel workbooks.

Pair either course with CSC to help ensure that your VBA workbook enhancements are solid and secure.  


CHOICE Platform Support for Virtual and Asynchronous Delivery 

by Nancy Curtis, Vice President, Content

If you’re a training provider who offers any form of developer/coder instruction, the CertNexus Certified Cyber Secure Coder® (Exam CSC-210) course is a valuable addition to your portfolio. CSC can help the developers, software testers, and technical project managers in your learner community acquire valuable secure-coding skills, gain a credential of distinction, and build a career path.  

Because CSC is based on general best practices and is not dependent on a specific language or environment, there is a great opportunity to offer it in conjunction with:

  • Vendor courses, such as .NET training from Microsoft or Java from Oracle
  • Logical Operations’ own CHOICE materials covering open languages like Python or HTML5
  • Cloud developer paths from AWS, Google, and others
  • Legacy languages like C or C++
  • Or any other coding or scripting-related training

Proper security practices are rarely covered within skills-based training programs or even as part of academic computer science tracks. With CSC as part of your training offerings, you can make sure that your learners employ crucial secure coding skills regardless of language or environment.


Latest Product Releases

Cyber Secure Coder (CSC) (Exam CSC-210)

Python Programming: Introduction

Python Programming: Advanced

HTML5: Content Authoring Fundamentals

For a complete list of current and updated courses, download the Product Summary Guide.


Get Your Instructors Ready to Teach CSC

by Jon O'Keefe, MCCT, Technology Education Jedi

To help prepare your instructors to offer CertNexus Certified Cyber Secure Coder® (Exam CSC-210), our partner, CertNexus, has made the following available to trainers:

  • Free CSC eLearning
  • Free Digital Instructor Train the Trainer Bundle for CSC
  • 50% off Labs and Exam Vouchers for CSC

You can sign up for this offer at: https://certnexus.com/instructor-elearning


Customize Your Content with No Setup Fee

To navigate your business through these uncertain times, Logical Operations is extending the offer of Digital Custom Content with no setup fees through May 31st.

What does this mean? 

  • If you need a New Custom Order, we will waive the setup fee.
  • You will only pay the digital book price.

This will give you the ability to save on shipping and setup fees, and you can distribute the custom access keys to your students safely and effectively via email where they can study remotely.
If there were ever a time to try a Custom Class, now is it. You won’t be disappointed. Please feel free to reach out to me for solutions to meet your ever-changing business needs. 
Stay safe and healthy. 

cprint@logicaloperations.com | 800-456-4677—Option 4 | Direct: 585-350-7014

Meet Shea Brock

I started my IT and Software career as a middle-school home hobbyist back in the 1990s. I remember being dropped off from driver's ed at my first professional job coding web applications in Visual Basic while in high school back in Massachusetts. When I moved to Rochester to attend RIT in 1999, I was working for Honeywell as a webmaster and continued working remotely from my dorm room. Staying in Rochester through the 2000s, I worked as a contractor at several tech companies including IBM, Xerox, and Thomson West. In 2007, I started at Logical Operations as a Software Engineer.

In my current role as Software Architect and Director of IT, my team and I are responsible for the design, development, deployment, and maintenance of our internal and external software and technology resources. It is a great pleasure to lead an agile team that excels at meeting the needs of both the business and our customers while striving to bring innovation and new technologies into our environment. We will frequently evaluate available open-source tools and platforms to integrate with our software environment to bring new features forward or provide new solutions for the business. Evaluating the security of these tools and ensuring that our integrations follow best security practices is of paramount importance to maintaining our agility and avoiding technical debt as well as protecting our business, our clients, and their data.