This training program aims to raise awareness among teams of developers of the IT risks associated with web application development. This module presents the techniques commonly used by hackers. The techniques presented are deepened and put into practice. The module details the best practices to adopt to protect against the attacks presented.


  • Know the main flaws related to web applications
  • Knowing how to detect the presence of the flaws presented
  • Acquire good development practices

Course Curriculum

  • Cybersecurity context
  • Authentication and password management
  • HTTP
  • HTTP field manipulation
  • Session management
  • Path Traversal, LFI
  • Caching
  • RCE
  • XSS
  • SQL Injections
  • CSRF
  • Application denial of service
  • XXE
  • SSRF
  • Unsecured deserialization
  • Type Juggling
  • Log forging
  • Open Redirect
  • OAuth2/OpenID
  • Dependency Confusion

Learning Assessment

  • Completion of online questionnaires after each sub-module
  • Completion of a final online questionnaire covering all the concepts learned
  • In the case of on-site training: carrying out practical exercises

The +

  • Training provided by an expert in web application security
  • The on-site trainings include practical exercises carried out by the participants themselves

Who should attend?

  • Team of web developers


  • Basic knowledge of web environments: web language, SQL and Linux or Windows.

How and
when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 5 working days before the start of the training.


Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment. If you need compensation or adaptation for the content, the supports, the place, the material used, the schedules, the rhythm, we are at your disposal.


2 days (14h)

+ OPCO support

Download the educational sheet in PDF format

Would you like more information?

contact us by filling out this form

    Almond commits itself to ensure that the collection and processing of your data, carried out from the site, are in conformity with the General Data Protection Regulation (GDPR) and with the modified law n° 78-17 of January 6, 1978, relating to the protection of personal data.
    The information collected on this form is recorded in a file computerized by Almond, in order to answer the requests for information.
    You can access the data concerning you, ask for their correction or their deletion. You also have a right of opposition, and a right to limit the processing of your data (see for more information on your rights).
    You can exercise your rights by contacting Almond's Data Protection Officer at the following address:
    Your data will be kept within the European Union, in accordance with the regulations in force.