Application Security In-Practice

When: Monday, June 12th - Thursday, June 15th

Time: 6:00pm - 9:30pm

Where: 1871 - Chicago, IL

Cost: $1,250


This course is for developers, quality assurance testers, or anyone interested in application security and learning how to secure their web applications!

**Get a hands-on demonstration of the newly released 2017 OWASP Top 10 application security risks**

The quantity and importance of data entrusted to web applications is growing, and security needs to be ingrained from the very beginning of development. Traditional network defenses fail to secure web applications and this course will enable you to properly defend your organization's web assets.

In this course - you will learn about the current threat landscape / attack vectors, walk through the most critical web application security risks, understand the top web application vulnerabilities, as well as learn how to implement security into your development life-cycle.


Monday (6/12) through Thursday (6/15) from 6:00-9:30pm

Day 1 - Monday, June 12, 2017 from 6:00pm – 9:30pm
Day 2 – Tuesday, June 13, 2017 from 6:00pm – 9:30pm
Day 3 – Wednesday, June 14, 2017 from 6:00pm – 9:30pm
Day 4 – Thursday, June 15, 2017 from 6:00pm – 9:30pm


Evolve Security Academy Classroom
@1871 – located on the 12th floor of the Merchandise Mart Plaza
222 W. Merchandise Mart Plaza, Suite 1212
Chicago, IL 60654



The Current Attack & Threat Landscape

Discuss and understand the current threats and vulnerabilities targeting APIs and Web applications.

Application Security Best Practices

Discuss and review the current industry accepted best practices for implementing application security including the OWASP Top 10.

The Secure Security Software Development Lifecycle (SSDLC)

Discuss and review the proper implementation of security into the Agile software development lifecycle.


Additional Information


  • Laptop must meet minimum requirements in order to be able to participate in this course.
  • Students attending this course are required to bring their own laptops pre-configured per the instructions below. This must be done before class starts.
  • Mandatory Laptop Hardware Requirements
    • 2GHz processor
    • 4GB RAM with 6 GB or higher recommended
    • 20GB free hard disk space
  • Must have VirtualBox installed before the start of class
  • Must have Kali Linux installed before the start of class
  • You must have administrative privileges on the laptop with the ability to disable the host firewall (the Windows firewall or other third-party firewall) and anti-virus running on your desktop. If you have additional questions about the laptop specifications, please contact

Who should attend?

  • Application developers
  • Application quality assurance testers
  • Application security analysts or managers
  • Application architects
  • Penetration testers who are interested in learning about defensive strategies
  • Security professionals who are interested in learning about web application security
  • Auditors who need to understand defensive mechanisms in web applications
  • Employees of PCI compliant organizations who need to be trained to comply with PCI requirements


  • Requires a basic understanding of web application technology and concepts.

What you receive

  • Custom vulnerable VM(s) as well as other open source vulnerable VMs
  • Course workbook of lectures and labs for the five days of training
  • Final Exam to test competency of topics discussed
  • ESA Application Security In Practice Certificate of Completion
  • Video of the complete course available for 60 days after completion of course