Secure Coding

This curriculum guides you step by step toward the knowledge and skills needed to ensure application security in an ever-evolving environment. Each theoretical and practical module has been developed to give you a detailed understanding of cyber threats, from the perspective of both the programmer writing the application and a potential attacker.

Lesson duration

Self-paced

Lesson difficulty

Beginner

Participation Requirements

This is a beginner-level course; therefore, only basic computer and internet usage skills are required to participate.

Additionally, the tools and software used throughout the course sessions are open-source or free, available to anyone without licensing.

Skills Acquired Upon Completion of the Course

  • Ability to identify and remedy potential vulnerabilities in source code, as well as assess associated risks
  • Competence in enhancing security levels and reducing the risk of potential attacks within developed applications
  • Enhancement of the capability to adhere to security best practices and promote a security culture in all stages of application development

Trainer:

Andrei Ștefănescu

Andrei has over 20 years of experience in IT. He started his career as a system administrator at a television station. The varied requirements allowed him to interact with the IT field in every relevant branch.

His experience grew in areas such as hardware, networking, software development, databases, and the administration of Windows (Server and Workstation), Linux, and OSX operating systems.

Over time, Andrei has held various key positions (Team Leader, IT Manager), having the opportunity to train and coordinate dozens of young people eager to evolve in the IT field. When cybersecurity became an independent, industry-recognized branch, Andrei focused his energy in that direction, becoming a cybersecurity consultant for various public and private entities.

As a consultant, Andrei has had the opportunity to conduct over 200 penetration tests (both at the application and infrastructure levels). He has also been called upon several times to help stop/analyze a cyber attack. In addition to his Red/Blue team activities, Andrei has been a speaker/coordinator at workshops (some with over 100 participants) aimed at development teams, helping them improve their workflow.

Details

Participation Fee: £1,450

During the course, each participant will have access to a computer, virtual lab, notebooks, and writing tools.

Food, water, juices, coffee, and snacks will be provided by the organizers.

AVAILABLE COURSE DATES

Not available

Course schedule & chapters

  1. THEORETICAL MODULE: Basic Principles in Secure Coding & Application Security
  2. THEORETICAL & PRACTICAL MODULE: Threat Modeling
  3. THEORETICAL MODULE: Identifying Security Vulnerabilities in Code
  4. THEORETICAL MODULE: Introduction to OWASP TOP 10
  5. PRACTICAL MODULE: Practical Examples of OWASP TOP 10
  6. THEORETICAL MODULE: Introduction to OWASP API Security TOP 10
  7. PRACTICAL MODULE: Practical Examples of API Security with OWASP TOP 10
  8. THEORETICAL MODULE: Best Practices Specific to Certain Programming Languages
  9. PRACTICAL MODULE: Exploitation and Remediation of Vulnerabilities in Applications
  10. THEORETICAL & PRACTICAL MODULE: Best Practices in DevSecOps
  11. THEORETICAL & PRACTICAL MODULE: Security Automation in CI/CD through SAST & DAST Integration