Awareness Training Web-Security

The training raises awareness of the security risks of web applications and teaches practical countermeasures through theoretical and practical exercises.

Request now
Icon Security Awareness

At a glance

General information

  • 1 day training with compact agenda (on-site or remote)
  • Large practical part “hack web application yourself”

Target group

All those involved in web development projects: Developers, architects, product owners, testers, scrum masters, project managers

Application examples

Creating awareness of security risks in web applications

Description

This training addresses the typical requirements of web applications, creates awareness of the most common security risks and provides practical knowledge on countermeasures in theory and practice.

The security of IT systems is increasingly becoming the focus of companies because their networking, architecture and implementation expose them to potential threats. Nowadays, a large number of applications are accessible on the internet in the form of a web application or as an API and even a single vulnerability can be enough for attackers to penetrate the system and cause damage.

To make this risk manageable, security requirements must be taken into account in the software development process right from the start. To do this, software developers must be aware of the attack vectors in order to recognize and avoid typical vulnerabilities.

This training addresses the typical requirements of web applications, creates awareness of the most common security risks and provides practical knowledge on countermeasures in theory and practice.

On the training day, participants are sensitized to the risks of inadequate security in web applications. To this end, the most common problem areas are presented using the OWASP Top 10 are presented.

In order to make the theoretical knowledge tangible, the participants are given the opportunity to hack a prepared, intentionally vulnerable web application themselves.
Because only if you know the possibilities of an attacker, you can also consider and implement appropriate countermeasures when developing a software project.
The application to be hacked is selected and prepared according to the participants’ level of knowledge. This means that non-technical project staff can also take part.

We offer both public training courses on fixed dates and individual training courses with customizable focal points.

Agenda

  • Introduction to security: Motivation and security goals
  • The most common security risks in web applications
  • Practical part: Hacking the web app yourself

Typical questions we answer:

  • What security risks need to be considered when developing web applications?
  • How does the attack surface of a single-page application (SPA) differ from a server-side rendered application?
  • What are the best practices for implementing authentication, authorization or cryptographic procedures?
  • What relevance do SQL injection, cross-site scripting (XSS) and credential stuffing have today and what countermeasures are recommended?
  • How does an attacker proceed, what tools does he use, and what can be learned from this for development?
Awareness Training Web-Security
  • signed certificate of completion
  • in-house training
  • Customization available (agenda, tech stack, language, etc.)
  • small training groups
Request now

Why inovex Academy?

Our offer

The inovex Academy has set itself the task of passing on knowledge about methods and technologies that we already use successfully in our projects.

Curated content

Our trainers create a customized training offer based on your requirements.

Customizable tech stack

In exclusive trainings, we can consider your tech stack for the training content.

Individual assistance

If needed, we can tailor the training to a specific use case of your company and work directly based on your data.

Trainers

Our trainers are field-tested experts in their areas of expertise. Through their work in projects, they expand their knowledge day by day and pass on this know-how in their trainings - application-oriented and practice-oriented.

Portraitfoto von Clemens Hübner

Clemens Hübner

ISTOB Zertifizierung
Certified Professional for Project Management Badge
Clemens Hübner has been working at the intersection of software development and security for over 10 years. After working as a software developer and in penetration testing, he joined inovex as a security engineer in 2018. Today, he supports development projects at concept and implementation level, trains colleagues and customers and advises on DevSecOps. He is invited to speak at conferences in Germany and abroad on current application security topics.
Foto Dr. Michael Gerhäuser

Dr Michael Gerhäuser

ISTOB Zertifizierung
Certificate ISAQB Certified Professional for Software Architecture - Foundation Level
Dr. Michael Gerhäuser has been working professionally as a software developer since 2014 and joined the inovex team in 2022. He specialises in the design and implementation of web applications, both frontend and backend with operations and monitoring. He is also interested in topics such as software performance and web application security. In his private life, Michael is involved in the local software craftsmanship community by organising a Rust Meetup and as a member of the organisation team of a local barcamp.

Our training approach

From the needs analysis to the awarding of certificates, we offer customized training courses, flexibly designed and carried out according to your requirements.

If you are interested in in-house training, we will start by identifying your needs and discussing your objectives. This discussion forms the basis for an initial offer.

As soon as the framework data has been clarified, our trainers start adapting the training content. Many of our training courses have a modular structure and offer the opportunity to design the agenda flexibly. Training courses that prepare for certifications, on the other hand, are less flexible. Here, however, you can set the content focus according to your wishes.

You will receive all relevant information in advance of the training. The training will then take place in the room of your choice and at the agreed time. Our trainers will adapt to your requirements.

After completing the training, all participants receive a certificate confirming their participation. You will also have the opportunity to give us feedback on the content and the course. We are always happy to receive praise and suggestions for improvement.

Frequently Asked Questions

Which roles should attend this training?
This training is recommended for everyone involved in the software lifecycle, especially developers, architects, product owners and project managers
Foto von Collin Rogowski
Collin Rogowski
Head of inovex Academy
inovex Logo
Go back
Foto von Collin Rogowski

I look forward to your inquiry.

Collin Rogowski

We are your partner for successful trainings

We would be happy to talk to you personally about your concerns. Get in touch now!

Foto von Collin Rogowski
Collin Rogowski
Head of inovex Academy
  • Individual training offer for your company
  • Over 25 years of experience as inovex Academy