The OWASP Top Ten for Developers

The major cause of webservice and web application insecurity is insecure software development practices. This highly intensive and interactive 4-hour seminar will provide essential application security training for web application and webservice developers and architects.

    The class is a combination of lecture, security testing demonstration and code review. Students will learn the most common threats against applications. More importantly, students will learn how to code secure web and API solutions via defense-based code samples.

    Our focus will be web application security basics.

    • OWASP Top Ten 2021
    • OWASP Top Ten Proactive Controls v3
    • OWASP ASVS 4.03/5.0

    We'll be sure to cover all following categories as well..

    A01:2021-Broken Access Control
    A02:2021-Cryptographic Failure
    A04:2021-Insecure Design
    A05:2021-Security Misconfiguration
    A06:2021-Vulnerable and Outdated Components
    A07:2021-Identification and Authentication Failures
    A08:2021-Software and Data Integrity Failures
    A09:2021-Security Logging and Monitoring Failure
    A10:2021-Server-Side Request Forgery


    Familiarity with the technical details of building web applications and web services from a software engineering point of view.

    Laptop Requirements

    This seminar will be mostly lecture and demonstration. A laptop is not required but might be useful to take notes.

    Jim Manico
    Application Security Educator

    Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for Nucleus Security, BitDiscovery, SecureCircle, and Inspectiv. Jim is a frequent speaker on software security practices, is a member of the Java Champion community, and is the author of "Iron-Clad Java: Building Secure Web Applications" from Oracle Press. Jim also volunteers for the OWASP foundation as the project lead for the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series. For more information, see

    Programutvikling uses cookies to see how you use our website. We also have embeds from YouTube and Vimeo. How do you feel about that?