Develop with a defense mindset. Understand how web applications work and learn to protect them from design to production.
Interested in training your team with this program?
Request a Proposal View PresentationDon't leave security for the end. Learn to inject vulnerability testing directly into code and harden systems before production deployment.
What is software, how web applications work (client-server, HTTP, APIs) and why security matters from the design phase.
In-depth analysis of the most critical vulnerabilities: from injections and XSS to broken access control and SSRF.
Static code analysis (SAST) and dynamic runtime testing (DAST). Tools, differences and when to use each.
JWT authentication, OAuth2, Rate Limiting, input validation and defense against data exposure in REST APIs.
Security integration in the pipeline: secrets scanning, SCA (dependency analysis) and secure containers.
STRIDE, DREAD and data flow diagrams. How to identify risks before writing the first line of code.