Secure Programming of Web Applications for Developers and TPMs

Overview

Secure Programming of Web Applications for Web Developers and Technical Project Managers. This e-learning course is designed for developers and technical management, focusing on secure coding practices to identify vulnerabilities and integrate security in their software development lifecycle of Web Applications.

Course Content (SCORM)

• Introduction to secure coding/programming
• Common vulnerabilities
• Security of web applications
• Security baselines
• Secure programming patterns / defensive programming techniques
• Implement robust and secure coding practices
• Attack demos
• Relevant for: Web Development, Web applications, Cloud services, Web services

Material SCORM Demo Offline Demo With eBook Also on Udemy

Requirements

• Web Application Knowledge is a huge plus
• Being a Developer is mandatory!

Summary

Understand Application Security: Numerous successful attacks on well-known web applications on a weekly basis should be reason enough to study the background of "Web Application Security" of custom-made or self-developed applications.

Computer systems are ubiquitous and part of our working and private everyday life. For companies it is increasingly complex and difficult to keep up their IT security with the current technical progress. Large enterprises establish security processes which are created according to industry standards (e.g., ISO 27001). These processes are very complex and can only be implemented by teams of security experts. Constant quality assurance, maintenance and adaptation also belong to an IT security process.

It does not matter if a company develops products or runs an online shop, IT security is a characteristic feature. Security incidents, which maybe even reach public uncontrolled, do not only damage the business image but may also lead to legal or financial consequences.

• Intro
• Typical Vulnerabilities Overview
• Cause & Background
• Secure Programming in general
• Code/Command Injection in general
• (No)SQL Code Injection
• Cross-Site Request Forgery (CSRF)
• Cross-Site Scripting (XSS)
• Open Redirection
• File Inclusion / Directory Traversal
• Clickjacking
• Session-Hijacking
• Information Disclosure
• Attacks on Weaknesses of the Authentication
• Denial of Service
• Middleware
• Third-Party Software
• Summary and Conclusion

Instructor Frank Hissen, Computer Scientist and Security Expert, teaches IT security for over 20 years and works for companies of all sizes as IT Security Consultant and Software Engineer.

eBook (PDF)

Click image for preview

Last Update

03/2025

Languages/Subtitles

• English
• Arabic (العربية)
• Chinese (中文)
• German (Deutsch)
• Spanish (Español)
• French (Français)
• Hindi (हिन्दी)
• Indonesian (Bahasa Indonesia)
• Japanese (日本語)
• Korean (한국어)
• Polish (Polski)
• Portuguese (Português)
• Romanian (Română)
• Russian (Русский)
• Thai (ไทย)
• Turkish (Türkçe)
• Vietnamese (Tiếng Việt)

We are happy to create additional subtitles mostly free of charge! Just contact us.

Course materials

Video content (92min), mobile-optimized/responsive; Appendix, Course Assessment, eBook