Secure Web Development Training

Design and build secure applications to OWASP standards.

Course Overview

Websites are under constant attack and it’s incredibly easy for a developer or administrator to make seemingly minor mistakes that have catastrophic consequences. In this two-day course, the latest attacks and defenses will be explained and discussed. The course focuses on participants gaining an understanding of the OWASP Top 10 with plenty of online and practical, hands-on lab exercises attacking web applications using industry standard security testing tools. Plus, you'll get advice on mitigating those same and more advanced attacks.

 

This course is suitable for

  • • Web Developers
  • • Software Testers
  • • Project Managers
  • • Business Analysts
  • • Operations Staff
SESSION 1
15 Minutes

Introduction & Welcome

Introductions, workstation setup and general housekeeping.

SESSION 2
1 Hour

Security Fundamentals

This section focuses on understanding security fundamentals such as risk, confidentiality, integrity, and availability, and ethical hacking. It also discusses real-world hacks.

SESSION 3
5 Hours

OWASP Top 10

This hands-on section focuses on formulating, executing, and defending attacks from the OWASP Top 10 using our dedicated lab environments. Investigating how payloads are created and why applications break, we also discuss industry recommended vulnerability mitigation strategies.

SESSION 4
30 Minutes

Questions & Wrap-up

Our trainers answer any questions, clarify any covered security topics or re-cap any of the day’s content.

SESSION 1
15 Minutes

Introduction & Welcome

Recap on previous day.

SESSION 2
2 Hours

Cryptography

This section focuses on understanding the mathematic principles and concepts required to implement cryptography securely. Real world examples will be used to highlight weaknesses in common cryptographic implementations and understanding which algorithms and protocols should be used to address specific privacy or security requirements.

SESSION 3
3 Hours

Secure Software Development Lifecycle

This session focuses on the tasks that must take place at each step during development, who performs them and how to integrate the activities into your current development environment. It is based around Agile process and includes a practical threat modelling exercise.

SESSION 4
2 Hours

Advanced Attacks

This hands-on section focuses on advanced attacks against applications and infrastructure, and the result of chaining seemingly innocuous, low risk vulnerabilities together.

SESSION 5
30 Minutes

Questions & Wrap-up

Our trainers answer any questions, clarify any covered security topics or re-cap any of the day’s content.

Get more information

Get in touch to find out more about our security training courses.