Application Security Refresher Course
A refresher course for developers who have previous training in application security.
- 2-3 hours
This refresher course is designed for developers who have previously been trained in application security but need a regular update. It is intended for organizations that are required to perform annual developer training for PCI and other compliance mandates. Students receive access to the lecture to review previous material and to catch up on recent application security changes in the industry. This course covers common application security vulnerabilities, including the OWASP Top 10, and related controls and solutions. The material is updated at least once every year to incorporate the latest in application security vulnerabilities, controls, and best practices.
The following serves as a tentative agenda for this class. The class is regularly updated to incorporate the latest information on modern web application concepts and attacks.
- Security is a Full-Stack Responsibility
- OWASP® Risk Rating Methodology
- OWASP® Top Ten
  - A1: Injection
  - A2: Broken Authentication
  - A3: Sensitive Data Exposure
  - A4: XML External Entities (XXE)
  - A5: Broken Access Control
  - A6: Security Misconfiguration
  - A7: Cross-Site Scripting (XSS)
  - A8: Insecure Deserialization
  - A9: Using Components with Known Vulnerabilities
  - A10: Insufficient Logging & Monitoring
- Next Steps
Note that each of the OWASP® Top 10 topics includes both an explanation of the vulnerability and how to prevent it.
Students attending this class should have previously taken a long-form class on the OWASP® Top 10.
This class is recorded and can be accessed with a modern web browser such as Chrome or Firefox.
- Covers OWASP® Top 10
- Done in under 3 hours
- Helps meet PCI DSS Training Requirement
- Certificate of Completion
TEAM & GROUP RATE
*Significant discounts for larger groups
- Everything in Individual Rate
- You Manage Student Licenses
- Completion Tracking
- Keep developers updated