Security Courses

OWASP Foundation

Improving the Security of Software Defined Infrastructures - AppSec EU 2017

Explore security challenges in Software Defined Infrastructures, learn attack surfaces, vulnerability identification techniques, and remediation strategies for configuration management tools like Puppet or Chef.

• YouTube
• 26 minutes
• Self-Paced
• Free Video

OWASP Foundation

Integrating Security in Agile Projects - AppSec EU 2017

Practical guide on integrating comprehensive security programs into agile development, featuring a real-world case study and tips for organizations prioritizing security in their projects.

• YouTube
• 42 minutes
• Self-Paced
• Free Video

OWASP Foundation

SDLC for the DevSecOps Era - Adapting Application Security Techniques

Practical lessons on adapting application security techniques for agile development, covering lightweight controls, visibility, and measuring security maturity in modern DevOps environments.

• YouTube
• 32 minutes
• Self-Paced
• Free Video

OWASP Foundation

Threat Modeling with PASTA - Application Security Case Studies

Explore risk-centric threat modeling using PASTA methodology, with case studies in IoT, E-Commerce, and Mobile Applications. Learn to align design and coding techniques with application use cases and potential threats.

• YouTube
• 46 minutes
• Self-Paced
• Free Video

OWASP Foundation

The Evil Friend in Your Browser - Browser Extension Security Risks

Explore the security risks of browser extensions, their potential for data breaches, and the limitations of current security models. Learn about threat analysis and user protection strategies.

• YouTube
• 40 minutes
• Self-Paced
• Free Video

OWASP Foundation

The Flaws in Hordes, The Security in Crowds - Crowdsourced Security Models

Explores the effectiveness of bug bounty programs in improving application security, discussing strategies for success and potential pitfalls to avoid. Examines trends in appsec automation and remaining challenges.

• YouTube
• 40 minutes
• Self-Paced
• Free Video

OWASP Foundation

Security Selfie: Sizing Up Your AppSec Program with New Metrics

Discover innovative metrics to evaluate and enhance your application security program's effectiveness, presented by Facebook's Security Engineering Manager.

• YouTube
• 46 minutes
• Self-Paced
• Free Video

OWASP Foundation

AWS Survival Guide - Application Security Essentials

Discover essential strategies for securing applications in AWS environments, covering key concepts and best practices for cloud security from an experienced CTO and application security expert.

• YouTube
• 38 minutes
• Self-Paced
• Free Video

OWASP Foundation

Essential TLS Hardening for Better Web Security

Explore essential TLS hardening techniques for enhanced web security with Justin Mayer, founder of Monitorial.com. Learn practical strategies to identify and address potential vulnerabilities in your web applications.

• YouTube
• 53 minutes
• Self-Paced
• Free Video

OWASP Foundation

AppSec Pipelines and Event-based Security - Moving Beyond Traditional Security Testing

Explore event-based security and AppSec pipelines to enhance traditional security testing methods. Learn innovative approaches for improving application security from an experienced professional.

• YouTube
• 48 minutes
• Self-Paced
• Free Video

OWASP Foundation

Stealth Authentication: Preventing Information Leaks in Web Application Security - APPSEC CA 2017

Explore stealth authentication techniques to enhance web application security by preventing information leaks during the authentication process.

• YouTube
• 51 minutes
• Self-Paced
• Free Video

OWASP Foundation

HTTPS Security Headers: HSTS, TLS, HPKP, and CSP Implementation - APPSEC CA 2017

Comprehensive guide to implementing HTTPS using HSTS, TLS, HPKP, and CSP. Learn best practices for secure web communication from Salesforce security experts.

• YouTube
• 48 minutes
• Self-Paced
• Free Video

OWASP Foundation

DASTProxy: Automated Security Testing Focused on Business Context

Explore DASTProxy: a tool for automated security testing that focuses on business context rather than crawling, enhancing efficiency and effectiveness in application security assessments.

• YouTube
• 45 minutes
• Self-Paced
• Free Video

OWASP Foundation

Monitoring Application Attack Surface to Integrate Security into DevOps Pipelines

Explore integrating security into DevOps pipelines through application attack surface monitoring. Learn strategies from a recognized expert to enhance your organization's software security practices.

• YouTube
• 48 minutes
• Self-Paced
• Free Video

OWASP Foundation

SPArring with the Security of Single Page Applications

Explore security challenges in Single Page Applications with insights on automating detection and mitigation strategies for modern web development vulnerabilities.

• YouTube
• 39 minutes
• Self-Paced
• Free Video