Secure applications and websites play a big role in your overall security profile, and so do secure application development best practices.

With so many high-profile data security breaches, auditors and regulators are paying particularly close attention to the coding practices of your developers as they assess compliance with the Payment Card Industry Data Security Standard (PCI DSS) and Sarbanes-Oxley (SOX).

MediaPRO’s Secure Application Development training is an engaging, interactive course that will increase awareness of secure coding practices, assist developers in improving application delivery, and allow you to meet industry and regulatory compliance requirements. The course is closely aligned with OWASP 2017 standards for application security. The intended audience includes architects, designers, developers, and IT risk managers.

Our Secure Application Development course is a standalone offering available outside of our tiered packages of awareness program content, but can be purchased alongside any other offering. See more about our packages here.


Secure Application Coding Topics Include:

Security Principles Overview

  • Core Security Concepts
  • Secure Design Tenets
  • Industry Regulations, including PII, SOX, PCI DSS, PFI, and HIPAA
  • Relative Cost of Detection throughout the SDLC
  • Threat Modeling
  • Risk Assessment through Qualitative Analysis


  • Common Authentication Methods
  • Client-Side SSL Certificates
  • Single Sign-On (SSO)
  • Re-Authentication
  • Password & Account Policies
  • Failing Closed & Failing Open
  • Specific Methods for Preventing Common Attacks
  • Design and Implementation Best Practices


  • Common Authorization Attacks
  • Authorization vs. Authentication
  • Principle of Least Privilege
  • Separation of Duties
  • Access-Control Methods
  • Design and Implementation Best Practices

Session Management

  • Cookies
  • Session Timeouts
  • Securing Against Common Attacks on Sessions
  • Proper Session Storage and Clearing Procedures
  • Design and Implementation Best Practices

Input / Output Handling

  • Validation Overview
  • Common Vulnerabilities and Exploits
  • Data Validation Strategies
  • Preventing Common Attacks
  • Database Access Control
  • Serialization
  • Design and Implementation Best Practices

Error Handling

  • Impacts of Improper Error Handling
  • Identifying Exploits
  • Detailed Error Messages
  • Centralized Exception Handling
  • Structured Error Handling
  • Error Logging
  • Design and Implementation Best Practices


  • Logging Purpose and Requirements
  • Centralized Logging
  • Log Security
  • Design and Implementation Best Practices


  • Hashing
  • Encryption
  • Digital Signatures
  • Certification Authorities
  • SSL & TLS
  • Securing Communications with HTTPS
  • Key Management
  • Design and Implementation Best Practices

Web Service Security

  • Web Service Protocols and Standards (SOAP and REST)
  • Common Web Service Languages and Frameworks
  • Web Service Vulnerabilities and Common Attacks
  • Message Signing and Encryption
  • Design and Implementation Best Practices

Secure Application Coding Course Features:

  • Meets PCI DSS 3.2 Requirements
  • Real-Life Examples and Applications
  • Professional Graphics and Voiceovers
  • SCORM Compliant



Explore Our Award Winning Content

From award-winning, interactive courseware to videos, posters, and articles, MediaPRO offers hundreds of individual educational pieces of content to help clients of all sizes and needs to tailor their awareness programs. Check out our content catalog for more information.
