AppSec Refresher

AppSec Refresher

A refresher course for developers who have previous training in application security.

Class Synopsis

This refresher course is designed for developers who have been previously trained in application security, but need a regular update. We have intended this course for organizations that are required to perform annual developer training for PCI and other compliance mandates. Students will receive access to the lecture to review previous material and to update them on recent application security changes in the industry.

This course covers common application security vulnerabilities, including the OWASP Top 10, and related controls and solutions. The material is updated at least once every year to incorporate the latest in application security vulnerabilities, controls, and best practices.

Duration: 2-3 hours

Features: This training is available in a recorded format. Knowledge-checks or quizzes are part of the course.

To Register: Contact Us


The following serves as a tentative agenda for this class. The class is regularly updated to incorporate the latest information on modern web application concepts and attacks.

  • Introduction
  • Security is a Full-Stack Responsibility
  • OWASP® Risk Rating Methodology
  • OWASP® Top Ten
  • A1: Injection
  • A2: Broken Authentication
  • A3: Sensitive Data Exposure
  • A4: XML External Entities (XXE)
  • A5: Broken Access Control
  • A6: Security Misconfiguration
  • A7: Cross-Site Scripting (XSS)
  • A8: Insecure Deserialization
  • A9: Using Components with Known Vulnerabilities
  • A10: Insufficient Logging & Monitoring
  • Next Steps

Note that each of the OWASP® Top 10 topics include both an explanation of the vulnerability and how to prevent it.

Prerequisites & Equipment

Students attending this class should have previously taken a long-form class on the OWASP® Top 10.

This class is recorded and can be accessed with a modern webbrowser such as Chrome or Firefox

AppSec Refresher Pricing

The pricing for this class is available as either per-seat (convenient for events) or at a flat rate for an instructor:

Individual Rate

Per Seat$90Per Year
  • Covers OWASP® Top 10
  • Done in under 3 hours
  • Helps meet PCI DSS Training Requirement
  • Certificate of Completion
Request This

Team & Group Rate

Flat RateAsk UsPer Year
  • Everything in Individual Rate
  • You Manage Student Licenses
  • Completion Tracking
  • Keep developers updated
Request This*Significant discounts for larger groups

Looking for something else?