• Application Security Training

    Data Security begins with
    Secure Application Development

    OWASP Application Security

Application Security Training that is EFFECTIVE ENGAGING PROVEN

OWASP TOP 10 – CODING SECURITY

Criminals attack public websites every day and sometimes plant malicious software to compromise visitors. Your company portals may be built on the latest technology with the strongest security available, but that is no defense against a software developer untrained in common vulnerabilities. There are websites developed every day that are easy for hackers to compromise. Application Security training closes that knowledge gap. ELC Information Security hosts training for both Managers and Developers on OWASP (Open Web Application Security Project) standards for improved software security.

Proper protection and defenses of web and mobile application reduces costs and increases the reputation of your organization.

ELC has partnered with Infrared Security to offer industry leading training for developers and development managers.  The training is designed to teach how to robustly defend your organization’s web and mobile applications. Our training emphasizes secure coding practices and principles from both a “technical” and “less-technical” perspective.  Defenses for a multitude of security issues are covered in depth across multiple languages and platforms.

Our courses are intended for anyone tasked with implementing, protecting or managing web applications enabling proper protection of your organization’s assets.

  • Development Security Training is smart business practice

  • HTML5 / tablet / smartphone compatible

  • CUSTOMIZABLE NARRATIVE, GRAPHICS, BRANDING

  • CREATED BY LEADING CYBER SECURITY EXPERTS

  • PROVEN EFFECTIVENESS TO REDUCE USER ERROR AND BREACHES

  • Protect your development business against damaging security breaches and client litigation

  • 5 STAR REVIEWS ON GARTNER GROUP’S PEER INSIGHTS

  • Topics include: Injection, Cross-Site Scripting (XSS), Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, and more


VERIFIED REVIEWS ON GARTNER PEER INSIGHTS

Gartner Peer Insights

Learn the OWASP Top 10 Security Vulnerabilities

  • This series of eLearning modules focuses on the most common security vulnerabilities and attack vectors facing application developers today as defined by the OWASP Top Ten.

  • Technical modules feature code-level guidance across many programming languages designed to teach users to identify, diagnose, remediate and eliminate web and mobile application security risks.

  • Courses cover a wide range of topics with role-specific learning paths.

  • Users explore the OWASP Top Ten through real-world examples, rich visualizations of attacks and detailed discussions of mitigation strategies with supporting code examples.

  • Less technical modules are designed to provide managers and general users the principles and knowledge needed to ensure web and mobile applications security.

  • SCORM compliant library can be hosted in your internal LMS or accessed within our 24/7 cloud-based hosting environment.

Application Security Training Program

Topics include: Injection, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Cross-Site Request Forgery (CSRF), Using Components with Known Vulnerabilities, and Unvalidated Redirects and Forwards.

OWASP Top Ten for Developers

OWASP Top Ten for Developers

Audience: Software Engineers, Software Architects and Software Testers

Duration: Approximately 3 hours to complete

Overview: Participants of this course will gain a foundational understanding of application security and secure programming practices based on the threats and vulnerabilities outlined in the Open Web Application Security Project’s Top Ten document.

OWASP Top Ten for Managers

OWASP Top Ten for Managers

Audience: Software Managers

Duration: Approximately 45 minutes to complete

Overview: Participants of this course will gain a foundational understanding of Application security based on the threats and vulnerabilities outlined in the Open Web Application Security Project’s Top Ten document.

Defensive Enterprise Remediation

Defensive Enterprise Remediation

Audience: Software Engineers, Software Architects and Software Testers

Duration: 1 hour of content, approximately 1.5 hour(s) to complete

Overview: Participants of this course will gain a foundational understanding of mitigating specific classes of vulnerability with emphasis on the Java and C# programming languages.

Threat Modeling

Threat Modeling

Audience: Software Architects and Security Engineers

Duration: 1 hour of content, approximately 1.5 hour(s) to complete

Overview: Participants of this course will gain an understanding of the threat modeling process and how it is used to identify and prioritize threats.

Building Secure JavaScript Applications

Building Secure JavaScript Applications

Audience: Software Engineers and Software Architects

Duration: 1 hour of content, approximately 1.5 hour(s) to complete

Overview: Participants of this course will gain a foundational understanding of writing secure software using JavaScript for both the client and the server.

Building Secure JAVA Applications

Building Secure JAVA Applications

Audience: Software Engineers and Software Architects

Duration: Approximately 1 hour to complete

Overview: Participants of this course will gain a foundational understanding of writing secure software on Java Enterprise Edition based platforms.

Building Secure .NET Applications

Building Secure .NET Applications

Audience: Software Engineers and Software Architects

Duration: Approximately 1 hour to complete

Overview: Participants of this course will gain a foundational understanding of writing secure software on ASP.NET based platforms.

Building Secure Mobile Applications

Building Secure Mobile Applications

Audience: Software Engineers and Software Architects

Duration: Approximately 1 hour to complete

Overview: Participants of this course will gain a foundational understanding of how to build secure mobile applications targeting the iOS and Android platforms.

Integrating Security Throughout the SDLC

Integrating Security Throughout the SDLC

Audience: Software Managers

Duration: 1 hour(s) to complete

Overview: Participants will understand the most important and essential security activities which can be conducted throughout the SDLC to reduce security issues.

5 Star Gartner Peer Reviews:

“Courses Are Customizable. Implementation Was Quick And Painless. Love working with this team – they are very knowledgeable and attentive through the implementation process.”

“Our third year using ELC for refresher training. We use ELC Information Security for annual refresh training for 350 employees. This years training was focused on phishing, spoofing and social engineering. Very helpful!”

“Working with ELC is truly a great experience. The training content and the customization options are vast and just what we were looking for. Their fast turnaround times and above average customer service have made us a repeat customer for several years.”

“Great service, easy implementation, helpful reports. Very friendly and responsive service. They will walk an extra mile to make a customer happy. The reports are easy to access, easy to customize.”

Are you ready to train your Team?

Development Security Training is smart business practice. Investing in online application security training courses is a smart investment that protects your development business against damaging security breaches and client litigation. You might also be interested in our Privacy by Design Security Training too.

Learn the OWASP Top 10 Security Vulnerabilities

This series of eLearning modules focuses on the most common security vulnerabilities and attack vectors facing application developers today as defined by the OWASP Top Ten. Participants of these modules will explore the OWASP Top Ten through detailed analysis of real-world examples, rich visualizations of attacks, as well as detailed discussions of mitigation strategies with supporting code examples. After completing these modules, participants will be able to more readily identify, mitigate, and prevent common security vulnerabilities within their own applications.

We ALWAYS offer dedicated client support.