Upcoming Schedule

No courses are scheduled at this time.

Contact us to request a course or learn more about custom course options.

What to Expect

Course Description

This in-person, three-day course first demonstrates to developers how attackers create strategies to compromise applications in order to help students “think like an attacker.” The class then moves into demonstrating how the Open Web Application Security Project (OWASP) provides developers with the tools to successfully develop applications that are difficult or impossible to hack.

This class is rich in hands-on opportunities giving developers a chance to see for themselves how attackers think, how the framework protects the application, as well as where it falls short. This course also satisfies section 6.5 of the Payment Card Industry Data Security Standard (PCI DSS).

Course Objectives

  • Understand security concerns, including the PCI DSS Understand and know the common vulnerabilities
  • Understand the underlying code flaws that enable vulnerabilities
  • Be able to correctly code to avoid flaws
  • Be able to spot code with potential flaws        
  • Be able to use various tools, libraries, and frameworks to better secure systems and code 

Who Should Attend

This class is focused specifically on software development but is accessible enough for anyone who’s comfortable working with code and has an interest in understanding the developer’s perspective:

  • Software Developers and Architects
  • Testers/QA specialists
  • Systems and Security Administrators
  • Penetration Testers


Experience with programming in ASP.NET using C#, or Java JSP/Servlets, or proficiency and a solid grasp of syntax in whatever platform/language you work with.

Required - Laptops installed with:
.Net developers (vb.net or C#) need to have Visual Studio installed in order to develop .Net applications.  There are several editions, but the easiest to install is VS 2017 Community Edition https://www.visualstudio.com/downloads/, free from Microsoft.  There are several different installers, but just make sure ASP.Net and SQL tools are installed.

Java developers are free to use any Java IDE they wish.  The instructor will be using Eclipse Oxygen Enterprise Edition https://www.eclipse.org/downloads/packages/eclipse-ide-java-ee-developers/oxygenrc2, free from Eclipse.org.  The EE edition along with a Java runtime on their system is required.

Instructor - Chuck Mccullough

Chuck specializes in software engineering consulting, outsource development, and developer training services. With a quarter century of experience in software development and access to others with similar depth of experience, he can certainly answer your most difficult questions. He has developed dozens of applications over the years in C++, .Net, and Java and has trained thousands of developers in these technologies.