Explore KSACs by Pathway
Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.
In late 2025, the Partnership pulled together members of industry from across tech to share how the in-demand skillsets for entry-level roles in their fields have changed in the last two years. The KSACs below reflect their feedback on entry-level expectations, especially in a tech workplace increasingly shaped by AI.
10. Secure Coding Principles
| Label | KSAC Description | Bloom's Taxonomy Level | |
|---|---|---|---|
| a | Identify common coding errors that lead to insecure programs (e.g., buffer overflows, memory leaks, malicious code) and apply strategies for avoiding such errors. | skill | 3 |
| b | Knowledge of principles of cybersecurity. | knowledge | 2 |
| c | Understanding of secure coding principles. | knowledge | 3 |
| d | Apply the principles of least privilege, defensive programming, and fail-safe defaults. | ability | 3 |
| e | Ability to determine what information can and more importantly can not be logged (e.g. compliance considerations). | knowledge | 2 |
| f | Write code with logging capabilities. | skill | 2 |
| g | Awareness of Defensive programming. | knowledge | 1 |
| h | Understand basics of securing web apps - SQL Injection and other input validation (parameterized queries, ORM safety, and input sanitization). | knowledge | 3 |
| i | Ability to determine the origins of open source code. | ability | 3 |
| j | Understand software bill of materials (SBOM). | knowledge | 2 |
| k | Understanding and contextualizing sectoral differences between developing for public sector and private sector. | knowledge | 2 |
| l | Understand supply-chain security (dependency risks, package integrity). | knowledge | 1 |
| m | Understand secure API design, authentication flows (OAuth2, JWT), and session handling. | knowledge | 1 |
Credentials
- N/A