Introduction to Secure Web Coding (Sydney)

22 Feb 2018
Cost per person (ex GST): 
1 day

About the course

This one-day course provides an introduction to the principles of secure coding for the web with a focus on the OWASP Top Ten vulnerabilities and how to protect against them. This course is a mix of theoretical and hands-on content that will involve identifying and exploiting vulnerabilities.
The course is designed to cover web applications (internet, intranet or extranet) in a language-agnostic manner.

At the end of the course, attendees should have:

  • An understanding of the principles of secure coding for the web
  • An appreciation for common security vulnerabilities and how to prevent them
  • Knowledge of how to look for security vulnerabilities


Course Outline


  • Security standards
  • Secure coding principles

OWASP Top 10

  • A1    Injection
  • A2    Broken Authentication and Session Management
  • A3    Cross-Site Scripting
  • A4    Insecure Direct Object References
  • A5    Security Misconfiguration
  • A6    Sensitive Data Exposure
  • A7    Missing Function Level Access Control
  • A8    Cross-Site Request Forgery
  • A9    Using Components with Known Vulnerabilities
  • A10  Unvalidated Redirects and Forwards

Target Audience

Developers, Architects, Administrators & Technical Testers.

Less technical but interested participants are welcome, although they will get the most out of the course if they can attend with a technical colleague to share the lab work.


A good understanding of how a typical web application works and knowledge of at least one web language.

