Course Code: 2398

CSWAE - Certified Secure Web Application Engineer

Class Dates:
4 Days
Class Time:
Developer, Security
Virtual Instructor-Led Training, Instructor-Led Training


  • Course Overview
  • The Certified Secure Web Application Engineer, 4- day course is designed to equip students with the knowledge and tools needed to identify and defend against security vulnerabilities in software applications. Students will put theory to practice by completing real world labs that include testing applications for software vulnerabilities, identifying weaknesses in design through architecture risks analysis and threat modeling, conducting secure code reviews and more.
    On the final day of training, students will complete a real world hacking exercise on a live web application.
    These secure coding skills are in desperate need today because the internet is one of the most dangerous places to do business; there are countless cases of valuable information being stolen from businesses because there was vulnerability in their web applications. When programmers don't understand the principles of secure coding, doors are open to those who do. .

    32 CPE Credits
  • Audience
  • The Certified Secure Web Application Engineer Certification Course is designed for those have a background in web application development and want to have the skill set to make their applications secure. While not required, we recommend being familiar with general cyber security topics, including those taught in our C)ISSO: Information Systems Security Officer course.

    Professional Roles:
    Software Engineer
    Web Application Developer
    Mobile App Developer
    Security Consultant


  • Prerequisites:
    Proficiency in web app programming in a language of your choice
  • Recommended Courses:

Course Details

  • Upon Completion
  • Perform web application penetration testing to expose vulnerabilities.
  • Design & implement controls to defend against application vulnerabilities.
  • Integrate security best practices into the software development lifecycle
  • Be ready to sit for the C)SWAE certification exam.
  • Course Content
  • The C)SWAE is a four day course that will cover secure coding practices and testing for web applications
  • It is comprised of 10 Modules and an appendix which includes extra practice labs to perform outside of class to solidify secure coding practices.
  • Students will put theory to practice by completing real world labs
  • Testing applications for software vulnerabilities
  • Identifying weaknesses in design through architecture risks analysis and threat modelling
  • Conducting secure code reviews and more.
  • Course Modules & Labs
  • Web Application Security
  • OWASP TOP 10
  • Threat Modeling & Risk Management
  • Application Mapping
  • Authentication and Authorization attacks
  • Application Logic attacks
  • Data Validation
  • AJAX attacks
  • Code Review and Security Testing
  • Web Application Penetration Testing
  • Secure SDLC
  • Cryptography
  • Appendix Labs
  • Spoofing Authentication Cookies
  • How to Perform Cross Site Scripting (XSS)
  • Injection flaws
  • Improper Error Handling
  • Parameter Tampering
  • Denial of Service
  • Writing Java Secure Code
  • Class Format Options
  • Instructor-led: Traditional classroom setting
  • ?Live-virtual Training: Connect remotely to the class being taught live.