Track 04 · Corporate Training

Secure Coding and Application Security

Build security into the software lifecycle — from input validation to DevSecOps pipelines.

12 Modules 40–48 Hours Instructor-Led / Virtual / Hybrid
Overview

A developer-focused track that embeds security across the software development lifecycle. It covers the vulnerability classes that matter, secure design and coding practices, cryptography and secrets handling, and integrating security testing into CI/CD.

Modules
12 Modules · 40–48 Hours
01
Application Security Fundamentals
Secure development lifecycle, threat modelling and application risks
3 Hours
02
Input Validation
Injection attacks, validation strategies, sanitisation and encoding
4 Hours
03
Authentication Security
Password handling, MFA, account recovery, session creation and credential security
4 Hours
04
Authorisation and Access Control
IDOR, privilege escalation, role-based access and object-level controls
4 Hours
05
Session Management
Cookies, tokens, session expiration, logout and session protection
3 Hours
06
API Security
API authentication, authorisation, rate limiting, data exposure and validation
5 Hours
07
File Upload Security
File validation, storage, execution controls and malicious uploads
3 Hours
08
Cryptography and Secrets
Encryption, hashing, key management, API keys, credentials and secrets storage
4 Hours
09
Secure Error Handling and Logging
Exception management, sensitive-data exposure and security logging
3 Hours
10
Dependency Security
Third-party libraries, software composition analysis and supply-chain risks
3 Hours
11
Secure Code Review
Manual review techniques, common coding weaknesses and remediation verification
4 Hours
12
DevSecOps Integration
SAST, DAST, SCA, pipeline security and security gates
4 Hours
Delivery Formats
Instructor-Led ClassroomVirtual Instructor-LedHybrid TrainingWorkshop-BasedLaboratory-BasedExecutive BriefingTabletop ExerciseBootcampTrain-the-TrainerCustom Corporate Programme