Secure Development Training

We don’t expect developers to become security experts. Our hope is for internal definitions of “QA” to mature in a way that allows for security expectations to become synonymous with development practices.

Created for Developers, By Developers

Our interactive, two-day course provides a combination of lecture, hands-on security testing, manual code review, and remediation of well-known application vulnerabilities.

Attendees will learn how to design and code secure web solutions via defense-based code samples and explore the use of third-party security libraries and secure design review concepts.

Taught by security practitioners with years of multi-platform development experience, our secure development training will broaden awareness and standards for combatting critical (avoidable) business risks.

Key Learning Objectives

  • An understanding of top web application vulnerabilities
  • How to defend against top web application vulnerabilities
  • How to store passwords securely
  • How to implement injection mitigation techniques
  • Understanding the limits of HTTPS and mitigation
  • Building modern access controls for multi-tenancy
  • Building a secure authentication mechanism
  • How to implement modern security headers
  • How to implement modern symmetric cryptographic storage
  • How to implement modern asymmetric cryptography
  • Building an injection-safe user interface
  • Building injection-safe server-side applications
  • How to implement input validation and output encoding
  • How to implement multi-layered CSRF and clickjacking defense

Certifications

Put an ELITE Highly-Trained Team on Your Side

More than 70% of our workforce consists of tenured cybersecurity engineers, architects and consultants