Security / Governance, Risk & Compliance

Application security for developers - from basics to advanced techniques

The training combines theory and practice in securing applications at all levels of their operation. Participants will learn about the most common attack vectors and methods to protect against them through practical workshops and exercises. The program covers both basic aspects of security and advanced techniques for securing applications. The class is conducted in a workshop format, where 70% of the time is devoted to practical exercises.

Issues

OWASP Top 10 and SANS Top 25
Techniques for securing web applications
Authentication and authorization protocols
Cryptography in applications
REST API security
User session management
Validation of input data
Security against XSS and CSRF attacks.
Secure data storage
Application security monitoring
Application penetration testing
Compliance with safety regulations

Benefits

The participant will learn to identify and eliminate vulnerabilities in application code at an early stage of software development
He or she will gain practical skills in implementing security mechanisms against the most popular attacks
Will learn advanced application security testing techniques and will learn to use them in everyday work
Will be able to design and implement secure solutions in accordance with industry best practices
Will obtain the knowledge to independently conduct code security audits
Will gain the ability to effectively respond to and document security incidents

Who is this training for?

Web application developers getting started with security

Developers with experience looking to expand their knowledge with security aspects

Systems architects responsible for designing secure solutions

DevOps engineers implementing security practices

Application security testers

Software team leaders overseeing security aspects

Technical Project Managers

Prerequisites

Knowledge of at least one programming language
Basic knowledge of web application development
Understand basic network protocols (HTTP, HTTPS)
Experience working with version control systems

Training program

Security models and industry standards
Principles of secure application design
Overview of security testing tools

Validation and sanitization of input data
Session handling and user authentication
Protection against common attacks (XSS, CSRF, SQL Injection)

Advanced security techniques
Implementation of multi-level authentication

Securing communication between components
Monitoring and logging of security events
Security testing and maintenance
Application security testing methodologies

Responding to security incidents
Managing security updates

Delivery Methods

Online

Convenience of participating from anywhere
Interactive live sessions with trainer
Materials available for 30 days
No travel costs

On-site

Direct contact with trainer and group
Intensive hands-on workshops
Networking with other participants
Full focus on learning

Frequently asked questions

What are the prerequisites for this training?

For Application security for developers - from basics to advanced techniques we recommend: Knowledge of at least one programming language; Basic knowledge of web application development; Understand basic network protocols (HTTP, HTTPS).

What is the format and duration of this training?

The training lasts 3 days and is available in online and on-site format. Sessions run from 9:00 AM to 4:00 PM. We can also customize the schedule to fit your team's needs.

Who is this training designed for?

This training is designed for: Web application developers getting started with security; Developers with experience looking to expand their knowledge with security aspects; Systems architects responsible for designing secure solutions.