+44 (0) 845 643 1611 info@unitrain.co.uk

Application Security for Developers

2-Day hands-on AppSec training covering the most common application security vulnerabilities and how to build secure applications that avoid these issues. Finding security vulnerabilities at the end of the SDLC is often too late to influence fundamental changes in the way the code is written, and many security issues could be avoided from the outset.

This class has been written by developers turned pen testers who can help developers to code in a secure manner and introduce security into the development cycle. Throughout this class, developers will be able to get on the same page with security professionals, understand how exploitable vulnerabilities are created in code, learn how to fix or mitigate vulnerabilities and get acquainted with the root causes behind some real-world breaches. Various bug bounty case studies from popular websites like Facebook, Google, Shopify, Paypal, Twitter etc will be discussed explaining the financial repercussions of application security vulnerabilities like SSRF, XXE, SQL Injection, Authentication issues etc.

The techniques discussed in this class are generic and developers from any language background can easily grasp and implement the knowledge learned within their own environments. In the class, .NET, Java and NodeJS are used in the workshop examples as this range provide lessons that can be used in a wide range of applications.

Students will also participate in a ‘capture the flag’ exercise where they’ll be challenged to identify vulnerabilities in code snippets derived from real-world applications.

Target Audience

This class is ideal for front end and back end Web/API developers who work day-in-day out building full-stack web applications or web APIs. This course will however benefit anyone who is looking to develop a skill-set into web application security and identify web application flaws.

Course Prerequisites

  • Offers thorough guidance on best security practices for secure application development (Introduction to various security frameworks and tools and techniques).
  • Covers industry standards such as OWASP top 10 application vulnerabilities with a practical demonstration of vulnerabilities complemented with hands-on lab practice.
  • Provides insights into the latest security vulnerabilities (such as host header injection, XML external entity injection, attacks on JWT tokens, deserialization vulnerabilities).
  • Uses real-world stories for each vulnerability explained (Understand and appreciate why Facebook would pay $33,000 to the person who found a XML Entity Injection vulnerability?).

Application Security for Developers Key Facts
Course Duration (days)


Course Price (ex VAT)


Course Vendor


Contact Us

Submit this form and one of our friendly team will contact you within 4 working hours. Or give us a call on +44 0845 643 1611 and let us take care of your training needs.




    Health & Safety Training

    IT Courses

    eLearning Training

    Business Skills & Personal Development

    Project and Programme Management

    Tailor Made Courses

    Call Us

    +44 0845 643 1611

    Email Us


    Privacy Policy