Session

Web application security (1-day)

Security is everyone’s job. Developers, service engineers, and program and product managers must understand security basics and know how to build security into software and services to make products more secure while addressing business needs and delivering user value.

In this one-day workshop, we will introduce you to why security is important, how common attacks are executed, and what we, as developers, can do to protect our systems from these attacks.

This workshop contains plenty of hands-on exercises that allow the participant to learn by doing.

After the course
The participant will understand why security is important, how common attacks are carried out, and how to protect their applications against these attacks. During this course, the participant will also learn how the web works and how to think like an attacker.

Target audience
This course targets developers on all platforms, including .NET, Java, JavaScript, and PHP.

Prerequisites
You should understand how the web works and have basic web development experience, including HTTP, HTML, and JavaScript.

Agenda
* Introduction
* Social engineering
* Encoding
* Unicode
* HTTPS
* XSS (Cross-Site Scripting)
* CSP (Content Security Policy)
* CSRF (Cross-Site Request Forgery)
* Securing our cookies
* Writing more secure code
* OWASP top 10
* OWASP Application Security Verification Standard
* And more…

I have taught this topic/course for over 10 years, and this workshop is based on a 2-day class I have on the topic at https://tn-data.se/courses/web-security-fundamentals/.

To join the class, the participant only needs to be able to install Fiddler (https://www.telerik.com/download/fiddler).

The target audience is web developers on all levels who want to get into the fundamentals of web security.

This is a 1-day workshop.

Tore Nestenius

Freelance consultant and trainer

Helsingborg, Sweden
