Tried, Tested and Proven



Description of the Course

This course is designed to offer developers an insight into the security flaws that are common within web applications. The course will explain and demonstrate commonly found vulnerabilities, including the OWASP Top Ten, and will instruct attendees on the techniques to avoid or remediate these issues.

This is a 2-day course.

Delegate Requirements

Minimum Skills Needed

A background in application development and design is highly recommended;

An understanding of why application security is important.


As part of the course delivery, participants will need to access a purpose-built test environment in which techniques can be practiced. Participants will therefore require:

A laptop with local administrator access and permission to load third-party software onto it. Hire laptops are available on request for an additional fee;

A bootable image will be provided as part of the course materials and can be used as the operating system for the duration of the course. Candidates may also use their own preferred build.


What will be covered in the course (overview):

The identification of common web application vulnerabilities, including the OWASP Top Ten, and a demonstration of their impact;
How to avoid or remediate such vulnerabilities;
A final exercise to identify and fix the covered vulnerabilities.

What will be covered in the course (specifics):

Explain the common vulnerabilities, demonstrate them, and explain and show how to fix them;
Vulnerabilities covered will include the OWASP Top Ten;
Input filtering;
Cross-site scripting;
SQL injection;
Bounds checking;
Logic flaws;
CSRF protection;
Session handling;
Exercise in finding and fixing the suggested vulnerabilities.





Cost (per participant)

Secure application development n/a 2 £1,200