OWASP 2017 Application Security Training

The growth of data entrusted to web applications and transferred or preserved on mobile devices and apps has made understanding secure coding practices and principles a critical mission of developers, architects, testers and managers. The days of relying on firewalls to protect an organization are past.

Proper protection and defenses of web and mobile application reduces costs and increases the reputation of your organization.

ELC has partnered with Infrared Security to offer industry leading training for developers and development managers.  The training is designed to teach how to robustly defend your organization’s web and mobile applications. Our training emphasizes secure coding practices and principles from both a “technical” and “less-technical” perspective.  Defenses for a multitude of security issues are covered in depth across multiple languages and platforms.

Our courses are intended for anyone tasked with implementing, protecting or managing web applications enabling proper protection of your organization’s assets.

  • Technical modules feature code-level guidance across many programming languages designed to teach users to identify, diagnose, remediate and eliminate web and mobile application security risks.
  • Less technical modules are designed to provide managers and general users the principles and knowledge needed to ensure web and mobile applications security.
  • Courses cover a wide range of topics with role-specific learning paths.
  • SCORM compliant library can be hosted in your internal LMS or accessed within our 24/7 cloud-based hosting environment.

Sign me up to demo:

Application Security:




Coding Security:







Security Awareness Training for Employees

Topics:

Injection, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Cross-Site Request Forgery (CSRF), Using Components with Known Vulnerabilities, and Unvalidated Redirects and Forwards.

APP SEC TRAINING PROGRAM

OWASP 2017 Top Ten for Developers

Duration: 5 hour(s) of content, approximately 8 hour(s) to complete
Audience: Software Engineers, Software Architects and Software Testers
Overview:  Participants of this course will gain a foundational understanding of application security and secure programming practices based on the threats and vulnerabilities outlined in the Open Web Application Security Project’s Top Ten document.

OWASP 2017 Top Ten for Managers

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Managers
Overview:  Participants of this course will gain a foundational understanding of Application security based on the threats and vulnerabilities outlined in the Open Web Application Security Project’s Top Ten document.

OWASP TOP TEN 2013-2017 DELTA FOR DEVELOPERS

Duration:  1 hour(s) to complete
Audience:  Software Managers
Overview:  Participants of this course will gain a foundational understanding of application security and secure programming practices based on the threats and vulnerabilities outlined in the Open Web Application Security Project’s Top Ten 2017 document; for students who have already completed the OWASP Top Ten 2013 for Developers module.

Defensive Enterprise Remediation

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Engineers, Software Architects and Software Testers
Overview:  Participants of this course will gain a foundational understanding of mitigating specific classes of vulnerability with emphasis on the Java and C# programming languages.

Threat Modeling

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Architects and Security Engineers
Overview:  Participants of this course will gain an understanding of the threat modeling process and how it is used to identify and prioritize threats.

Building Secure ASP.NET Applications

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Engineers and Software Architects
Overview:  Participants of this course will gain a foundational understanding of writing secure software on ASP.NET based platforms.

Building Secure Mobile Applications

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Engineers and Software Architects
Overview:  Participants of this course will gain a foundational understanding of how to build secure mobile applications targeting the iOS and Android platforms.

Building Secure JavaScript Applications

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Engineers and Software Architects
Overview:  Participants of this course will gain a foundational understanding of writing secure software using JavaScript for both the client and the server.

Building Secure JAVA EE Applications

Duration: 1 hour of content, approximately 1.5 hour(s) to complete
Audience: Software Engineers and Software Architects
Overview:  Participants of this course will gain a foundational understanding of writing secure software on Java Enterprise Edition based platforms.

INTEGRATING SECURITY THROUGHOUT THE SDLC

Duration:  1 hour(s) to complete
Audience:  Software Managers
Overview:  Participants will understand the most important and essential security activities which can be conducted throughout the SDLC to reduce security issues.

Are you ready to train your Team?

Development Security Training is smart business practice. Investing in online application security training courses is a smart investment that protects your development business against damaging security breaches and client litigation.

Learn the OWASP Top 10 Security Vulnerabilities

This series of eLearning modules focuses on the most common security vulnerabilities and attack vectors facing application developers today as defined by the OWASP Top Ten. Participants of these modules will explore the OWASP Top Ten through detailed analysis of real-world examples, rich visualizations of attacks, as well as detailed discussions of mitigation strategies with supporting code examples. After completing these modules, participants will be able to more readily identify, mitigate, and prevent common security vulnerabilities within their own applications.