Română

Security for Developers

A hands-on, offensive-perspective training that teaches developers and architects how applications are attacked — and how to defend them. Practical, attack-driven and immediately applicable to your own code and infrastructure.

  • OWASP Top 10 for web, API and mobile
  • HTTP security headers and JSON Web Tokens
  • OWASP ASVS secure-coding standard
  • Threat modeling (optional)
Request this training

Web penetration testing essentials

Core problems, attacking the server, web technology basics, attacking authentication and session management, and encoding.

OWASP Top 10 — web & API

The most critical web and API vulnerabilities, how attackers exploit them, and the technical measures and best practices to prevent them.

Mobile & modern threats

OWASP Mobile Top 10, lesser-known web application vulnerabilities, and JSON Web Token (JWT) security.

Secure coding & verification

HTTP security headers, the OWASP Application Security Verification Standard (ASVS) and threat modeling (optional).

Who it’s for

  • Developers & architects
  • Sysadmins & technical managers
  • CISOs

You will learn

  • Out-of-the-box, offensive thinking
  • Best security practices and common (and less-common) attacks
  • How to defend your applications and infrastructure
  • Practice over theory — hands-on labs

FAQ

What are the prerequisites?

Basic web and programming knowledge; no prior security experience required.

Practice or theory?

Heavily practical — built around hands-on labs and real attack scenarios.

Can it be tailored?

Yes — content and depth are adapted to your stack and team.

Download the full agenda (PDF)

Complement with on-demand video courses

This live, instructor-led training pairs with our pre-recorded video courses on learn.ituniversity.ro — prepare beforehand or review afterwards.

Browse on-demand courses

More services

Penetration TestingWeb Security AssessmentAPI Penetration TestingWireless & Mobile PentestInfrastructure Penetration TestingVulnerability Assessment