Unique in the industry, our application security training program combines progressive role and technology-based training with hands-on simulations and reinforcement assets for the most effective way to build offensive and defensive skills.

To increase adoption rates, our tiered security training belt system combines courses, practical experience, and incentives to facilitate progression through a series of  levels of application security maturity.

• Learn: Industry’s largest course library comprising 100+ computer-based and instructor-led courses.
• Assess: Pre-assessments place learners in the right course(s); post assessments and exams confirm knowledge retention and create actionable metrics.
• Do/Practice: Hands-on application security hackathons and classroom labs make it fun to learn and apply skills.
• Reinforce: Over 2,000 supplemental assets, tip sheets, and secure coding checklists strengthen concepts learned.
• Optimize: A dedicated customer success team advises on custom curricula, facilitates rollout, and provides ongoing optimization.

Our application security training program covers all major platforms and technologies and ensures each role can do their job securely.

Leveraging knowledge attained from our Platform Centers of Excellence and application security assessment practice, we’re always on top of the latest attack techniques and threatscape. Organizations like Symantec, BNSF Railway, NASDAQ, and others rely on this deep expertise to train them on building and maintaining secure software systems.

Funded by Microsoft and others, we conducted ground-breaking research resulting in the popular “How to Break Software Security” methodology and book. This was the foundation of our training program, which we’ve expanded to cover defensive topics for secure design and coding for our instructor-led training courses.

Our live, instructor-led training courses are often 1 to 2 full days and led by one of our experts covering popular topics such as the OWASP Top Ten, Attack Trends and Techniques, Test Techniques, and Secure Architecture and Design. We also cover topics related to PCI-DSS Compliance. Additional benefits of our instructor-led training include:

• World-Class Instructors Who Walk the Walk: All courses are created and delivered by experts with development backgrounds who can speak to common software engineering scenarios. To keep their skills honed, each instructor is required to conduct ongoing research and security assessments for our clients.
• Customizable and Flexible: While courses include planned topics, we often tailor content prior to class delivery or adapt in-class if students want to go deeper into certain areas. Content and labs are customizable for your environment, technologies, and capabilities. Courses are also also available as Virtual Classroom, ideal for shorter sessions on specialized or refresher topics.
• Lab-Intensive: Use our pre-built applications or your own. Our instructors show what specific tools and techniques yield the most effective secure coding or testing based on each application.
• Team-Oriented: ILT facilitates buy-in and team building. The deep technical and specialized skills developed also makes it easy to groom “security champions” that can serve as a mentor to the rest of your team.