Training

Security for Developers

Applied security fundamentals for development: OWASP Top 10, authentication and authorization, secrets management and dependency auditing.

Tags: OWASP, Auth, Security, AppSec
Total hours: 16h
Duration: 2 days
Based on: OWASP

Security is the developer’s responsibility

Security isn’t just an infra or security team problem. Vulnerabilities are born in the code, and the person who can prevent them most efficiently is the developer — if they know what to look for.

Curriculum

Day 1 — Common Vulnerabilities

  • OWASP Top 10: the most critical vulnerabilities
  • SQL Injection, XSS, CSRF in practice
  • Broken Authentication and Session Management
  • Lab: controlled vulnerability exploitation

Day 2 — Defense and Best Practices

  • Secure authentication: JWT, OAuth 2.0, PKCE
  • Authorization: RBAC and ABAC
  • Secrets management: how not to leak credentials
  • Dependency auditing (npm audit, Snyk, Dependabot)
  • Security in REST and GraphQL APIs
  • GDPR for developers

Practical approach

The differentiator of this training is the exploitation lab: participants exploit vulnerabilities in a controlled environment before learning to fix them. Seeing the attack in practice is what makes the defense memorable.

What's included

  • ✓ Security reference guide for developers
  • ✓ Security checklist for code review
  • ✓ Real vulnerability examples and how to fix them
  • ✓ Controlled vulnerability exploitation lab
  • ✓ Certificate of completion
  • ✓ Q&A channel for 30 days