"Really helpful course understanding PCI compliance standards and a good detailed refresher on general security principles. Presented with a huge amount of resources on how to structure security in an organisation right through to identifying and handling it."
LK, Senior Software Engineer, Secure Coding, May 2021
How this course is run
Security Principles and SD3 (Secure by Design, Default, Deployment)
Techniques to exploit vulnerabilities
Secure coding practices
Testing an application for security
PCI DSS
OWASP TOP 10 VULNERABILITIES
Although secure coding is a large part of the course, there will be the opportunity to learn about and write exploits for multiple OWASP Top 10 vulnerabilities (such as XSS, CSRF, SQL Injection or Insecure Direct Object Reference).
Threat Modelling
OWASP Top 10
A1 – Injection
Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.
A2 – Broken Authentication and Session Management
A3 – Cross-Site Scripting (XSS)
A4 – Insecure Direct Object Reference
A5 – Security Misconfiguration
A6 – Sensitive Data Exposure
A7 – Missing Function Level Access Control
A8 – Cross-Site Request Forgery (CSRF)
A9 – Using Components with Known Vulnerabilities
A10 – Unvalidated Redirects and Forwards
“JBI did a great job of customizing their syllabus to suit our business needs and also bringing our team up to speed on the current best practices. Our teams varied widely in terms of experience and the Instructor handled this particularly well - very impressive”
Brian F, Team Lead, RBS, Data Analysis Course, 20 April 2022
OWASP 2017 standards - this Java secure coding training course is led by an Application Security expert instructor and delivers focused and customised guidance on how to secure applications (from code to cloud), covering the technology stack currently used by the delegates (web, mobile, cloud, Java, JavaScript, AngularJS, Android, Node, etc.).
A highly popular course with plenty of discussion, demos and interactive Labs to demonstrate the issues faced by modern software development teams.
An optional threat modelling session can also precede the course delivery.