Application security training


To reduce the number of security issues in the code, you need to begin with the people

We deliver workshops, lectures, tests, and consultations for:

  • managers and team leads – on how to organize the Secure SDLC process, procedures and artifacts; how to plan, manage and report security activities; and how to communicate security issues effectively;
  • software architects and analysts – on how to derive security requirements from any business requirements and formulate them correctly, how to develop security architecture and secure design based on security requirements, and how to define security controls for software solutions;
  • software developers – on how to interpret and implement security requirements, what the secure development best practices are in general and for specific platforms, and how to avoid programming mistakes leading to security vulnerabilities;
  • software testers – on how to plan and perform security testing including identification and validation of basic security bugs in applications, and how to ensure the implementation of security requirements.

Secure SDLC training combines well with any other Application Security service, for example penetration testing, security analysis of source code, and product, service, and DevOps security.

Training programmes

Below are the popular training programmes that we teach. You can download sample descriptions for most of them:

  1. Secure Software Development Basics and OWASP vulnerabilities (2 to 4 hours)
  2. Secure Software Development Basics and Models (SAMM, BSIMM, Microsoft, ISC2 CSSLP) (8 hours)
  3. Secure Software Development Lifecycle for the PHP developers (6 days)
  4. JavaScript and Frontend Web security (1 day)
  5. Secure Agile Software Development for the JavaScript, ASP.NET and .NET/C# Technology Stack (3 days)
  6. Secure software development training for Android and iOS technology stack (2 days)
  7. Backend Security (1 day)
  8. Python Security (6 hours)
  9. Java Security (6 hours)
  10. Security best practices for system administrators and DevOps (1 day)
  11. Reverse engineering (5 days)
  12. Penetration testing (2 days)
  13. Security training for QA (testers)
  14. Malware analysis
  15. IT and information security management
  16. Other web application security technologies
