Fulfills PCI DSSv3 6.5 Compliance Requirement


  • Role based training perfect for managers, developers, architects and testers emphasizing secure coding practices and principles
  • Richly animated entertaining stories make these educational modules extremely enjoyable to watch
  • Purchase full access to our library of security eLearning courses or buy them one at a time
  • Participants gain a deep understanding of major risks inherent to web and mobile applications
  • Defenses for each security issue covered in depth across multiple languages and platforms


PCI DSSv3 6.5 Compliance

Infrared Security’s eLearning offerings fulfill your PCI compliance requirements for developers. But beyond that, developers love to learn from Infrared Security’s Online application security training series.Throughout the various modules, we highlight the risks associated with the processing of credit card information throughout the various application layers. Information gleaned from this series can be used to produce secure coding guidelines needed to enforce consistent secure programming practices throughout your organization. Learn how achieving PCI compliance spans people, process, and technology today!

Are you looking for Information Security Awareness training for your entire staff? We have it.

Learn More

“My team was unexpectedly hit with a PCI audit by a potential Client, and our Application Security Training program really helped us shine.”
Director of Training – Credit Financial Services
“The development teams were extremely receptive to these training materials… not something we experienced in the past with our previous vendor.”
CISO – Investment Financial Services
“I’m seeing a measurable improvement in the secure development skills of my team after integrating Infrared training in our process.”
VP of Engineering – Automotive Services
This 11 part, 5 hour online application security training course focuses on the most common security vulnerabilities and attack vectors facing application developers today as defined by the OWASP Top Ten. Learners will experience detailed analysis of real-world examples, rich visualizations of attacks, as well as detailed discussions of mitigation strategies with supporting secure coding examples. After completing these modules, participants will be able to more readily identify, mitigate, and prevent common security vulnerabilities within their own applications.

A1 – INJECTION: Learn how to identify and secure the use of interpreters with a focus on SQL Injection.

A2 – BROKEN AUTHENTICATION AND SESSION MANAGEMENT: Learn about the most common attacks used against identity verification and management controls.

A3 – CROSS-SITE  SCRIPTING (XSS): Learn about the most prevalent vulnerability facing developers today – Cross-Site Scripting.

A4 – INSECURE DIRECT OBJECT REFERENCES: Learn about the risks of exposing sensitive resource identifiers without proper authorization verification.

A5 – SECURITY MISCONFIGURATION: Learn about the core principles needed to properly secure environmental configuration files.

A6 – SENSITIVE DATA EXPOSURE: Learn about data classification and sensitive data management throughout the application layers.

A7 – MISSING FUNCTION LEVEL ACCESS CONTROL: Learn how to design, implement, and integration function level access control API.

A8 – CROSS-SITE REQUEST FORGERY (CSRF): Learn how the synchronizer token pattern can thwart the sleeping giant that is Cross-Site Request Forgery.

A9 – USING COMPONENTS WITH KNOWN VULNERABILITIES: Learn about the need for visibility into the security of 3rd party components used by applications.

A10 – UNVALIDATED REDIRECTS AND FORWARDS: Learn how validation and indirection can be used to verify redirect and forward destinations.


Individual Courses

Interested in only a one or two courses? We offer each of the eight available Application Security Training courses for sale individually.

Build a Solid and Scalable Educational Program

eLearning for your entire development team:

Education is the cornerstone of any modern application security program.  Developers, managers, architects and testers must be fully aware of a large variety of attacks and, more importantly, how to defend your organization’s web and mobile applications through secure coding practices.  With that in mind, Infrared Security has built the most effective, educational and entertaining application security e-learning platform on the market: Infrared Spectrum.  Infrared Spectrum distills innumerable live classes into highly effective and engaging e-learning material that will instill core security knowledge into your staff and management team.  

Infrared Spectrum is a full application security educational platform, featuring security learning tracks for “technical” and “less-technical” participants.  Technical modules feature code-level guidance across many programming languages. Participants of our offerings will be able to more readily identify, mitigate, and prevent common security vulnerabilities within their applications and their software development lifecycles (SDLC).


  • Participants gain a deep understanding of major risks inherent to web and mobile applications
  • Defenses for each security issue covered in depth across multiple languages and platforms
  • Courses cover a wide range of topics with role-specific learning paths
  • Hosted within our 24/7 cloud-based hosting environment

Learn More

Back to Top


KMI Learning provides our clients with the expertise and technology they need to deploy, market and manage great outward-facing Online Academies and inward-facing employee learning programs.


330 West Spring Street
Columbus, Ohio 43215
Phone: 614-224-0664

Request a demo

First Name

Last Name