OWASP: Web Application Security for Absolute Beginners!

Understand Impact, Explain Vulnerabilities, and Make More Money. Within 1.5 hours you will be able to explain web application security without having to code.

Benefits

Best Practices

Follow a structured, detailed approach to learn the best practices complete with practical examples and a quiz to test your knowledge!

Fast Learning!

Years' worth of experience condensed into short videos. Within 1.5 hours you will understand how to protect web applications and be able to spar with developers!

Exclusive Webinar

Access to an exclusive webinar where you can ask your most pressing questions directly to the creator of the course!

Test your web application security knowledge here!

If you don’t know the answers to one or more of these questions, your (web) application may be at risk.
You have borrowed data from your customers; you did not inherit it. Handle it with care.

Here's What's Inside The Course:

LESSON #1:

Introduction to OWASP Top 10 (2017)

LESSON #2:

Updated OWASP Top 10 (2021)

LESSON #3:

Injection

LESSON #4:

Broken Authentication and Session Management

LESSON #5:

Cross Site Scripting (XSS)

LESSON #6:

Broken Access Control

LESSON #7:

Security Misconfiguration

LESSON #8:

Sensitive Data Exposure

LESSON #9:

Insufficient Attack Protection

LESSON #10:

Cross-Site Request Forgery

LESSON #11:

Using Components with Known Vulnerabilities

LESSON #12:

Unprotected APIs

LESSON #13:

XML External Entities – OWASP A4:2017

LESSON #14:

Insecure Deserialization – OWASP A8:2017

LESSON #15:

Insufficient Logging and Monitoring – OWASP A10:2017

LESSON #16:

Cryptographic Failures – OWASP A02:2021

LESSON #17:

Insecure Design – OWASP A04:2021

LESSON #18:

Software and Data Integrity Failures – OWASP A08:2021

LESSON #19:

Server-Side Request Forgery – OWASP A10:2021

LESSON #20:

Bonus 1 – Defense in depth

LESSON #21:

Bonus 2 – STRIDE

LESSON #22:

Bonus 3 – Secure development processes

LESSON #23:

FAQ 1 – How can you test whether your website uses the latest security protocols?

LESSON #24:

FAQ 2 – Where can I (legally) test my hacking skills for free?

LESSON #25:

FAQ 3 – What are insecure direct object references?

LESSON #26:

FAQ 4 – Like this course? Check Out my Software Quality Course!

About Security Repo

Security Repo was founded by Soerin Bipat, a (chief) information security officer, teacher and researcher. His passion is to develop an information security and privacy strategy along with the customer to achieve their goals. He has been active in several layers of the IT and business domain for almost 15 years.

Our mission at Security Repo is to provide security education to anyone who needs to protect data. We specialise in creating content that shares best practices based on scientific research and requires limited prerequisite knowledge.

Whether you’re new to information security or want to refresh your memory on something you’ve learned in the past, Security Repo has you covered.

Watch a Sneak Preview

Watch videos that are part of this course for free! The full course contains all the lessons described above. Enrol and understand how to protect web applications within 1.5 hours!

FAQ

I have a 30-day 100% money back guarantee, so if you aren’t happy with your purchase, I will refund your course – no questions asked! However, students love this course and I’m pretty sure you will too.

Within 1.5 hours you will be able to explain web application security without having to code.
For your convenience: I’ve combined the OWASP 2017 and OWASP 2013 top 10 lists into a single list of 10 common web application security threats. I’ve updated the course with the new threats added in 2021.
I will teach you the 10 most common threats identified by the Open Web Application Security Project (OWASP).

This course will jumpstart your security career!  

Whether you’re new to web application security or want to refresh your memory, this course has short videos that are easy to understand and require no prerequisite knowledge!

– Anyone who wants to understand the OWASP top 10 within a short amount of time, without being bothered with technical details.
– Product Owners that care about their product
– (Project) managers that lead software projects
– Software architects that want to explain the OWASP top 10 to product owners
– Software engineers that want to advance their career, because security is part of every new assignment! 
– Pentesters / Red team that need to know how to communicate foundational knowledge
– Recruiters that want to challenge software engineers

Here are some of the learning objectives you can expect to achieve after following this course:

– Be confident in explaining the OWASP top 10 during an interview
– Explain all OWASP top 10 threats briefly and with impact to get the attention of managers
– Explain the impact per threat for your business
– Understand how the OWASP top 10 threats can be executed by attackers
– Understand how the OWASP top 10 threats may be mitigated
– Explain ‘Injection’ to your mom/dad
– Explain ‘Insecure Deserialisation’ to your non-technical friends
– Understand best practices such as defence in depth and STRIDE

True, let me explain by giving you an overview of my experience:
– Part-time PhD researcher. I read the science, you’ll get the knowledge! What more do you want?
– (Chief) Information Security Officer. Responsible for implementing and maintaining a well-balanced organisational risk posture;
– Software consultant (6.5 years). I’ve advised many managers of large / small IT projects on various software-related aspects.
– Unlike most other courses, you may actually claim 1 Continuing Professional Education (CPE) credit after finishing this course completely

Besides that I hold several certifications:
– CISSP, which stands for Certified Information Systems Security Professional
– CSSLP, which stands for Certified Secure Software Lifecycle Professional
– CISA, which stands for Certified Information Systems Auditor
– CIPP/E, which stands for Certified Information Privacy Professional / Europe

All four certifications are vendor-neutral certification programs.

The course is made available online and you can log on to it and watch the videos, just like any other service. 

This course is created such that everybody can follow it. Prerequisites are:
– Pen and paper to take notes
– Willingness to play with presented content

The threats are explained conceptually, since the implementation of a threat may differ per situation. Therefore, having a general understanding of the security threats, their implications and potential solutions will provide you with the essential knowledge to mitigate the impact of these web application security threats. Hence, no security coding or security testing experience is needed.

While online learning may not be for everyone, this course comes with an exclusive webinar for you to ask your most pressing questions or just to follow the questions asked by the community!

Sure! Scroll up and you will find a sneak preview video on this page. Watch these videos for free. If you like my teaching style, do not hesitate to enrol and take control of your first impressions!

NOW, YOU'RE PROBABLY WONDERING...

"How much would it cost me to join?"

Well, if you’re going to add all the lessons and bonuses…

  • 19 Easy-to-Understand Lessons About OWASP Top 10
  • BONUS #1: 7 additional videos
  • BONUS #2: !! EXCLUSIVE ACCESS TO TEACHER THROUGH A WEBINAR !!
  • BONUS #3: Lots of downloadable documents for further reading
  • BONUS #4: 1 Continuing Professional Education (CPE) Credit

… you’ll have to pay at least $350.

And considering it cost me thousands of dollars in formal education…

… and several years of practice and experience…

$350 is very reasonable

But I’m not going to charge you that amount for this course because it’s my mission to help as many people as I can to reduce web application security exploits.

I won’t even charge you $200…

Not even $100…

Because today...

You'll Get Everything For Only...

... a one-time fee of $12.99 instead of $350!

P.S. Price may change at any time without prior notice.