Secure Development Training - September 2025

Have you been to a Kawaiicon and found yourself realising that you want to know more? Are you a curious developer who wants to know what happens if you prod a web application? Are you a QA looking to take the worst path possible through an app?

Maybe the PrivSec Secure Development Training is for you!

Agenda

The training is a one day course consisting of the following:

• A detailed overview of the OWASP Top Ten Web Application vulnerabilities.

• Multiple real world examples and case studies of exploited vulnerabilities.

• Hands on experience exploiting these vulnerabilities on a custom web application

• Techniques and tooling to identify and exploit these bug classes, using both source code analysis and dynamic testing techniques.

• Remediation steps and techniques to mitigate and avoid these issues.

Outcomes

By the end of the day, you will have an understanding of tools and techniques used to compromise web applications and hands on experience in exploiting multiple vulnerabilities in the OWASP top ten.

About the Trainer

Training will be led by one of our Senior consultants, Jack Moran and supported by Sriram Jayaraman

Jack is a Senior Consultant at PrivSec Consulting. He has worked in the offensive security space for the better part of a decade, focusing on web and mobile application testing, along with code reviews and security configuration reviews. He has a number of CVEs credited to himself, and his enthusiasm towards security security is infectious.

Sriram is an ex-developer, turned security consultant. He has a strong background in web application penetration testing, along with code review. He has familiarity with several programming and scripting languages and frameworks such as Python, Javascript, PHP, Node.js, Angular and React.

Notes for the Day

Lunch and snacks will be provided. We will teach you how to hack.