Reading to support the learning in this course is as follows/in this order:
Chapter 1 - to learn all the basics for this course. If you don't already know security basics, read this before starting. It will make the course easier on you.
Chapter 9 - If you do not already follow these habits, start now. It is preferable that you read this before starting the course, if possible, so that you can benefit from having better personal digital security sooner.
Optional: Chapters 2, 3, 4 and 5 - you will want to cover these all of topics as part of your advocacy and developer education efforts. In fact, distributing or sharing copies of this book with your developers, with support from the AppSec team for questions and clarification, would be excellent support for your devs.
Chapter 6 - testing apps for security is an extremely important part of any AppSec program, you will want to learn about the different types and how to get started.
Optional: Chapter 8 - this information could be very helpful if your IT shop is using any of these newer types of technologies, so you can teach your devs the best practices.
Chapter 7 - to help you create your AppSec program
Chapters 10 and 11: After the course is complete
Or you could just read the entire book from start to finish. Whatever works for you!
This second course build upon level 1 with how to scale your team, train your developers, and create a culture at your organization where security is part of everyone's job. Then we will learn how to measure and improve our AppSec program, plus do a couple of case studies. Then we use this information to add to your AppSec program goals and work plan as the final project. Product Description.PDF