Select Page

SEC 100 Security Awareness

Our general security awareness course is intended for both technical and non-technical people and covers different topics on how to use technology in a safe way. We look at well-known examples of attacks conducted using phishing e-mails, malware, social engineering and how they can be avoided.

Title Security Awareness
Code SEC 100
Description The course is delivered in the form of a presentation and discussion. We present real-world examples of attacks and what happened to the companies that were targeted. We also talk about what companies can do in a world where cyber attacks are more and more common.
Topics Phishing e-mails
Common attacks on web and mobile applications
Social engineering
Incident response
Risk management
Duration 4 hours
Audience Both technical and non-technical people

SEC 101 Web Application Vulnerabilities

This course covers the most common vulnerabilities found in web applications, how the vulnerabilities can be exploited by hackers and how they can be avoided by developers.

Title Web Application Vulnerabilities
Code SEC 101
Topics Injection
SQL injection
Cross site scripting (XSS)
Broken authentication
Broken session management
Insecure direct object references
Security misconfiguration
Sensitive data exposure
Missing function level access control
Cross site request forgery (CSRF)
Using vulnerable third-party components
Unvalidated redirects and forwards
Duration 4 hours for the condensed version and 8 hours for full course
Audience Software developers
Software architects
Quality assurance engineers
Delivery managers
Product owners



SEC 102 Browser Security

This course covers the different security features that are built into modern browsers and which are available to web application developers. When employed properly, these features can make your application a lot more robust from a security point of view. The materials are also useful for quality assurance engineers who test web applications.

Title Browser Security
Code SEC 102
Topics Content Security Policy (CSP)
Cookie flags
Subresource Integrity (SRI)
Mixed content
Same-Origin Policy and Cross-Origin Resource Sharing (CORS)
X-XSS-Protection response header
X-Frame-Options response header
Certificates and HTTPS
Duration 4 hours for the condensed version
8 hours for the workshop
Audience Software developers
Quality assurance engineers