Data security training for developers: How to secure your internet applicationsMay 2022
This month, 15 of our architects and lead developers participated in an intensive 2-day training program focused on Security for Developers. The objective of the trainers was to encourage the participants to develop a creative and innovative mindset, to view security from an offensive perspective, to learn best security practices, and to gain knowledge on both common and less common attacks, with a special emphasis on defending their applications and infrastructure. The training was designed to enhance the skills of our developers and help them stay ahead of the ever-evolving security threats.
Here are some of the topics that were on the agenda:
- Overview of Web Penetration Testing
- OWASP Top Ten Web Vulnerabilities
- API Top Ten vulnerabilities
- Technical measures and best practices
- OWASP Top 10 Mobile Vulnerabilities
- HTTP Security Headers
- SON Web Tokens
- Less known web application vulnerabilities
- Secure Coding. OWASP Application Security Verification Standard (ASVS) – (optional)
- Threat Modeling (optional)
The participants benefited a lot from these intense hours of theoretical and practical effort.