Öppna kurser

Web Security Fundamentals

Today’s internet is a very rough place, with robots, spies, states, hackers, and other evil entities constantly roaming around the web looking for vulnerable web applications to attack. Because of this, it is very important that every developer has the necessary skills to protect their applications.


In this hands-on course, you will learn the fundamentals of how the web works, how to protect your applications, and how attacks are performed. It goes beyond the OWASP TOP-10 and gives you many concrete examples of how to fail and how to protect your applications.

This course is constantly improved as new security vulnerabilities, and best practices emerge.


This course targets developers on all platforms, including .NET, Java, and PHP.


You should have basic web development experience, including HTML, CSS, and JavaScript.


In this course, we will cover concepts like:

  • Social Engineering
  • Securing HTTPS
  • Unicode
  • Cross-Site Scripting (XSS)
  • Preventing XSS with Content Security Policy (CSP)
  • Cross-Site Request Forgery (CSRF)
  • Securing your cookies
  • Same site cookies
  • Cross-Origin Resource Sharing (CORS)
  • SQL Injections
  • Authentication
  • Application DoS attacks
  • Securing passwords
  • Preventing data leaks
  • Intercepting proxies
  • Supply-chain attacks
  • Subresource Integrity

And much more…