Secure Coding – a great introduction

Provide developers with foundational secure-coding concepts, threat-modeling skills, and practical countermeasures to build resilient applications.

Audience: Developers / Team leads / Project managers

Duration: 3 days

Format: Lectures and hands-on labs (50 % – 50 %)

Overview

This course teaches a comprehensive approach to cybersecurity. It starts with threat modeling, continues with common attacks, secure multi-layer design principles, and the details of secure coding. Also included are securing runtime environments and modern security frameworks.

What You Will Learn

  • Threat modeling (STRIDE, CVSS) and labs
  • Common attacks: XSS, malicious file execution, CSRF, session hijacking
  • Secure layered design: object, persistence, presentation layers
  • Countermeasures: validation, strong typing, prepared statements, CAPTCHAs
  • Modern frameworks: Vault, Consul, Anthos; dynamic secrets & credential rotation
  • Authorization & authentication, password security, SSL/TLS, session security
  • Secure coding & static/dynamic analysis, JWT, API security
  • Securing runtime environments, zero-trust networks, AI, quantum-crypto impact

Course Details

Prerequisites:

Recommended: cybersecurity awareness • Comfortable developing code in the target environment

Setup: Zero-Install cloud lab • Laptop with unrestricted Internet • Chrome browser

Detailed Outline

  • STRIDE
  • Security terminology
  • CVSS assessment
  • Labs
  • XSS
  • Malicious file execution
  • Session hijacking
  • CSRF
  • Encryption flaws
  • Non-functional requirements
  • Layered design concepts
  • Validation controls
  • Whitelist/blacklist
  • Prepared statements
  • CAPTCHA
  • Vault
  • Consul
  • Anthos
  • Dynamic secrets
  • SSO, Spring Security, JAAS
  • Password security
  • SSL/TLS
  • Perfect secrecy
  • Session IDs
  • Hijacking/fixation
  • Static / dynamic analysis
  • SpotBugs
  • JWT
  • Spring Boot, CLR
  • Security zones & policy
  • Zero-trust
  • AI
  • Quantum cryptography
