Secure Coding Workshop
Get your developers up to speed to protect your applications against dangerous attacks and costly data breaches.

Keep Your Organization Safe

Web applications and software vulnerabilities are the top two ways external attacks are carried out. Yet, even the top universities either don’t offer secure coding education as part of their curriculum or don’t require secure code training to graduate with a computer science degree. Most software and application developers are left without the proper skills and resources to code securely.

The most cost-effective way to protect your organization from dangerous attacks and undesired data breaches is to equip your developers with the right secure coding skills. The Secure Coding Workshop from ThriveDX provides the development and cybersecurity training your organization needs to maintain app security and resiliency.

Secure Coding Workshop Outline

The ThriveDX Secure Coding Workshop is a unique 40-hour program delivered remotely or in person. It provides your technical workforce with a blended learning experience of 25 hours of self-paced content modules managed by 7 hours of live workshop sessions, hands-on practice, and an 8-hour capstone high-level design project. Robust lab opportunities allow learners to come face-to-face with information security concepts, practices, and vulnerabilities, and their effect on the software development lifecycle for a comprehensive education experience. Your web and application developers get critical training to understand, associate, implement, and apply information security concepts and secure coding principles in the world of code development.

The ThriveDX Secure Coding Workshop is aligned with the National Initiative for Cybersecurity Education (NICE) work role Software Developer SP-DEV-001.

Secure Coding Workshop Prerequisite

This course is designed for web and application developers who have not previously participated in secure coding training and who have up to 3 years of experience in a development environment.

Participants should:

  • Be familiar with HTML, CSS, JavaScript, and preferably one of the following programming languages: Python, Java, Node.js, PHP, or C#.

  • Have coding experience as a Programmer, Software Engineer, or similar role, OR be a graduate of a relevant degree program, such as Computer Science, or of a coding bootcamp.

The course introduction provides participants with an understanding of why secure coding matters, including exploring the main risks of insecure coding and the effects of insecure coding on the SDLC. Participants also learn basic information security concepts such as encryption, data protection, patch management, and release management.

Learners are introduced to the fundamentals of risk management and explore the OWASP Top 10 application security risks, including injection attacks, security misconfigurations, and broken access control. Participants get hands-on practice in broken authentication, cross-site scripting, and SQL injection risks.

Participants will gain an understanding of the top secure coding guidelines: input validation, error handling, session management, sanitization, and parameterized queries. They will learn to differentiate between manual and automated security code review, and delve into peer review fundamentals. Participants get hands-on practice in security code review for client-side code.

In this module, participants will build on the security code review skills learned in the previous module and take an in-depth look at best practices for effective peer review.

Participants will learn to apply coding best practices for HTTP cookies and headers in their daily processes. They will also become familiar with more application security risks, such as SSRF and LFI, as well as handling web crawlers.

Through the 8-hour capstone project, participants will apply what they learn to a real-world project from their day-to-day job and bring immediate and tangible value to their organization. Each learner will create a high-level design (HLD) for a web application, for which they will design their own architecture, assess potential risks, and implement security countermeasures.
