README

Use this catalog to browse the defdev.eu courses. Use the gitbook menu on the left where available.

defdeveu secure development trainings are designed to significantly improve the security quality of the software production by mastering secure coding skills and through adopting sticky development practices that systematically reduce defects.
This site (c.defdev.eu) is a catalog/repertoire of the defdeveu private trainings/workshops. For the upcoming public and hosted trainings check the defdev.eu site.
Courses/workshops
The European defensive development (defdev.eu) project provides public and private (and hybrid, aka hosted) trainings for software development companies. We do secure development and security testing courses and also trainings to improve secure devops and SDLC processes.
Secdev courses
We offer the following standard secure development courses and workshops:
​Webapp development with security in mind​
​Secure development in Java/JEE​
​Secure development in Javascript​
​Android security design and secure coding​
​iOS security design and secure coding​
​Secure development in .net/C#​
​Secure development in C/C++​
We also offer secdev courses in Kotlin, Python, Node.js and PHP. Please check back later. Subscribe to our twitter @defdeveu for updates and announcements.
Our secdev courses are mostly structured around the OWASP ASVS (or MASVS), and we promote CMU/SEI guidelines where possible.
Also check out the extra addons in a below section which can greatly expand the impact of the course.
Testing courses
​Security test automation in CI/CD pipelines​
​Mobile testing automation​
​Burp for developers​
DevSecOps courses
​Docker security​
​AWS security​
Extras/addons
​Assisted code-review lab​
​Mobile security baseline​
​S-SDLC playbook​
​Hacking applications​
Delivery
The lectures are mixed with cloud-hosted exercises and many DIY tasks, we also use gamification approach in education. We flex the actual delivery according to the audience on the fly, adapting the scope and the depth of different topics indicated in the course agendas. Read more about our practices and approach:
​Main features of our trainings​
​Agenda structure and ingredients​
​Days and kits​
​Trainer formations​
Our trainers are practitioners with authority and have years of experience in enterprise software production: such as security testers who are good at coding or senior developers who learnt security testing and S-SDLC.
About us
Clients/visitors of public and private defdev [and also secmachine] trainings were/are: LogMeIn/LastPass/GoToMeeting/Boldchat, Ustream, ING Belgium/Netherlands, JKU Institute für Netzwerke und Sicherheit, Siemens/evosoft, Nokia, GE Healthcare, Opera Software, SAP, Balabit/One Identity, AEGON, KBC/KH Hungary, Ocado, Vijfhart.
Contact: [email protected]
​>>> Try a training! <<< (a contact google form)

Next - secdev courses

Java

Last modified 3yr ago