C)SWAE - C)SWAE: Certified Secure Web Application Engineer

Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. The vendor neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs.
The Certified Secure Web Application Engineer course is delivered by high level OWASP experts and students can expect to obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against application threats.

Student Testimonials

Instructor did a great job, from experience this subject can be a bit dry to teach but he was able to keep it very engaging and made it much easier to focus. Student
Excellent presentation skills, subject matter knowledge, and command of the environment. Student
Instructor was outstanding. Knowledgeable, presented well, and class timing was perfect. Student

Click here to print this page »


A minimum of 24 months’ experience in software technologies & security
Sound knowledge of networking
At least one coding Language
Linux understanding
Open shell

Detailed Class Syllabus


Module 1: Web Application Security
Module 2: OWASP TOP 10
Module 3: Threat Modeling & Risk Management
Module 4: Application Mapping
Module 5: Authentication and Authorisation attacks
Module 6: Session Management attacks
Module 7: Application Logic attacks
Module 8: Data Validation
Module 9: AJAX attacks
Module 10: Code Review and Security Testing
Module 11: Web Application Penetration Testing
Module 12: Secure SDLC
Module 13: Cryptography