Certified Secure Web Application Engineer

Become a Certified Secure Web Application Engineer to safeguard applications against the latest internet threats and vulnerabilities, perfect for developers and IS managers seeking to secure web-based services effectively.

Course Category Icon

Essential Skills Gained

Checkmark

Design robust and secure web applications.

Checkmark

Implement security testing and validation protocols.

Checkmark

Understand OWASP top vulnerabilities and threat modeling.

Checkmark

Develop skills to pass the C)SWAE certification exam.

Format

  • Instructor-led
  • 5 days with lectures and hands-on labs.

Audience

  • Coders
  • Web Application Engineers
  • IS Managers
  • Developers

Description

Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. The vendor neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs. The Certified Secure Web Application Engineer course is delivered by high level OWASP experts and students can expect to obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against application threats. Mile2 Accreditations:

  1. Accredited by the NSA CNSS 4011-4016
  2. Is approved and has been placed on Homeland Security's National Initiative for Cyber Security Careers and Studies (NICCS) training providers and maps to the National Cybersecurity Workforce Framework
  3. Preferred cyber certification for the FBI

Calendar icon

Upcoming Course Dates

October 6-9, 2025

9:00 AM - 5:00 PM

Virtual: Online - US/Eastern

Enroll

$3500

Course Outline

Download PDF

Module 1: Web Application Security

Module 2: OWASP TOP 10

Module 3: Threat Modeling & Risk Management

Module 4: Application Mapping

Module 5: Authentication and Authorisation attacks

Module 6: Session Management attacks

Module 7: Application Logic attacks

Module 8: Data Validation

Module 9: AJAX attacks

Module 10: Code Review and Security Testing

Module 11: Web Application Penetration Testing

Module 12: Secure SDLC

Module 13: Cryptography

Module 1: Environment Setup and Architecture (LAB CONTENT)

Module 2: OWASP TOP 10 2013 (LAB CONTENT)

Module 3: Threat Modeling (LAB CONTENT)

Module 4: Application Mapping & Analysis (LAB CONTENT)

Module 5: Authentication and Authorization attacks (LAB CONTENT)

Module 6: Session Management attacks (LAB CONTENT)

Module 9: AJAX Security (LAB CONTENT)

Module 10: Code Review and Security Testing (LAB CONTENT)

Lab 10-1: Code Review Lab 10-2: Security Test Scripts Lab 10-3: Writing Java Secure Code Annex 11: Alternative Labs Lab 11-1: WebGoat & Webscarab Lab 11-2: WebGoat - Cross Site Request Forgery (CSRF) Lab 11-3: Missing Function Level Access Control Lab 11-4: Perform Forced Browsing Attacks

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.