Get in Touch

Course Outline

Introduction

Overview of the Web Security Testing Guide

  • The OWASP Testing Project.
  • Tailoring and prioritising for organisations.
  • Testing principles and techniques.
  • Security testing objectives and requirements.

Exploring Various Testing Techniques

  • Manual inspections and reviews.
  • Threat modelling.
  • Source code review.
  • Penetration testing.
  • Integration of security testing and data analysis.

Understanding the OWASP Testing Framework

  • Activities spanning development to deployment.
  • Maintenance and operations.
  • End-to-end lifecycle testing framework and workflow.
  • Penetration testing methodologies.

Performing Web Application Security Testing

  • Information gathering.
  • Configuration and deployment management testing.
  • Identity management testing.
  • Authentication and authorisation testing.
  • Session management testing.
  • Input validation testing.
  • Testing for error handling.
  • Testing for weak cryptography.
  • Business logic testing.
  • Client-side testing.
  • API testing.

Reporting the Testing Assessment and Results

  • Introduction section.
  • Executive summary.
  • Findings section.
  • Appendices.

Getting Involved in the Web Security Testing Guide

  • Referencing and linking WSTG scenarios.
  • Code of conduct.
  • Contribution guide.
  • Feature requests and feedback.

Summary and Conclusion.

Requirements

  • A fundamental understanding of the web development lifecycle.
  • Experience in web application development, security, and testing.

Audience

  • Developers.
  • Engineers.
  • Architects.
 21 Hours

Number of participants


Price per participant

Open Training Courses require 5+ participants.

Testimonials (2)

I really enjoyed learning about AI attacks and the tools out there to begin practicing and actively using for security testing. I took a lot of knowledge away which I didn't have at the beginning and the course met what I hoped it would be. My favorite part shown from the training was Comet Browser and was amazed at what it could do. Definitely something will be looking into more. Overall it was a great course and enjoyed learning all OWASP GenAI Top 10.

Patrick Collins - Optum
Course - OWASP GenAI Security

That every technical lesson came with multiple practical exercises to nail down the concepts.

Andrei-Calin Bajea
Course - OWASP Top 10 2025

Provisional Upcoming Courses (Require 5+ participants)

OWASP Web Security Testing Guide

2026-07-13 09:30
21 hours
London Circuit
7500 AUD (Online)
17790 AUD (Classroom)

OWASP Web Security Testing Guide

2026-07-27 09:30
21 hours
200 Mary Street, Brisbane
7500 AUD (Online)
17790 AUD (Classroom)

OWASP Web Security Testing Guide

2026-08-10 09:30
21 hours
Adelaide City Central
7500 AUD (Online)
17790 AUD (Classroom)

OWASP Web Security Testing Guide

2026-08-24 09:30
21 hours
Melbourne 385 Bourke Street
7500 AUD (Online)
17790 AUD (Classroom)

OWASP Web Security Testing Guide

2026-09-07 09:30
21 hours
Cliftons Perth
7500 AUD (Online)
18450 AUD (Classroom)

Related Courses

DevSecOps Firefight: Breach, Fix & Fortify

 7 Hours

This world-class, cutting-edge, hands-on workshop immerses participants in the critical realities of modern CI/CD pipeline security. Designed for security professionals, DevOps engineers, and developers eager to master advanced pipeline breach defense, the training blends live attack simulations with industry-leading tools and practical defense techniques.

Read more...

OWASP GenAI Security

 14 Hours

Based on the latest OWASP GenAI Security Project guidance, participants will learn to identify, assess, and mitigate AI-specific threats through hands-on exercises and real-world scenarios.

Read more...

OWASP Top 10 2025

 14 Hours

This instructor-led, live training in Australia (online or onsite) is aimed at web developers and leaders who wish to explore and implement the OWASP Top 10 reference standard to secure their web applications.

By the end of this training, participants will be able to strategise, implement, secure, and monitor their web applications and services using the OWASP Top 10 document.

Read more...

How to Write Secure Code

 35 Hours

This course aims to assist with the following:

  1. Empower developers to master the techniques of writing secure code.
  2. Enable software testers to assess application security prior to deployment in production environments.
  3. Assist software architects in understanding the risks associated with applications.
  4. Support team leaders in establishing security baselines for their development teams.
  5. Guide webmasters in configuring servers to avoid misconfigurations.
Read more...

Secure Developer Java (Inc OWASP)

 21 Hours

This course explores secure coding concepts and principles for Java, utilising the testing methodologies of the Open Web Application Security Project (OWASP). The Open Web Application Security Project is a global community dedicated to producing freely accessible articles, methodologies, documentation, tools, and technologies focused on web application security.

Read more...

Secure Developer .NET (Inc OWASP)

 21 Hours

This course delves into secure coding concepts and principles within ASP.NET, utilising the testing methodology of the Open Web Application Security Project (OWASP). OWASP is an online community dedicated to creating freely accessible articles, methodologies, documentation, tools, and technologies in the realm of web application security.

The course explores the security features of the .NET Framework and demonstrates how to protect web applications.





Read more...

Related Categories

OWASP
OWASP