Application Security for Developers

Who Should Attend

• Software developers at junior, mid, or senior levels
• Technical leads and software architects responsible for secure design
• Development teams seeking to embed security within their software lifecycle
• Teams managing both legacy and modern applications
• Those wanting to integrate secure practices into Agile or DevOps workflows

Prerequisites

• Basic understanding of software development concepts
• Familiarity with at least one programming language
• Understanding of web application architecture
• No prior security experience required

What You Will Learn

• Why secure development is essential in modern software environments
• Understanding the OWASP Top 10 and common developer pitfalls
• Core threat modelling concepts and the STRIDE framework
• Securing authentication and authorisation mechanisms
• Protecting data at rest and in transit
• Identifying and mitigating common vulnerabilities (XSS, SQL injection, IDOR)
• Conducting secure source code reviews
• Integrating security requirements into Agile workflows

Course Outline

Labs & Practical Exercises

This course includes extensive hands-on activities, including: Practical threat modelling of real application features, exploiting and remediating more than ten common vulnerabilities using professional security tools, reviewing and securing insecure code in sandboxed environments, simulated red-team exercises led by experienced penetration testers, and a final capture the flag challenge to reinforce and test learning outcomes.

Certification & Assessment

There are no formal exams in this course. Instead, learners complete interactive labs, practical challenges, and a competitive capture the flag activity to test their skills. Knowledge checks and guided discussions ensure participants can apply their learning to real-world projects. Certificate of Completion provided.