Study at your own pace
PWD comes with life-time access to course material and flexible access to the world's best virtual labs on Web Application Security.

Extremely Hands-on
Practice Web App defense against real world attacks. PWD includes the most sophisticated virtual lab on IT Security: Hera Lab
Become Certified
Obtain the eWDP certification and prove your practical skills with the only 100% practical certification on Web Application Defense
Course at a glance
Close the gap between Web application attack and defense
Mitigation advices for multiple platforms and languages
The most comprehensive and practical coverage of the OWASP Testing Guide
Comprehensively aligned to OWASP methodologies, tools and tests
Covers and goes beyond OWASP TOP 10
Detailed techniques and methodology to simplify defense of web applications
No boring theory: practice oriented curriculum
Over 20 different lab scenarios to practice with
Advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity...
Coverage of OWASP Cheat Sheets, OWASP OpenSAMM, OWASP ModSecurity Core Rule Set
After obtaining the eWDP certification qualifies you for 40 CPE

Course material
25 hours of HQ video training material
2700+ slides
20 labs in Hera
Course delivery
Self-paced
Off-line access available
Access from PC, Tablet and Smartphone
Syllabus
Module 1 : Tool Introduction
Module 2 : Information Gathering
Module 3 : Configuration Management
Module 4 : Authentication
Module 5 : Authorization
Module 6 : Session Management
Module 7 : Business Logic Flaws
Module 8 : Data Validation
Module 9 : Cryptography
Module 10 : Denial Of Service
Module 11 : WebServices
Module 12 : Client Side and Phishing
Module 13 : Error Handling and Logging
Module 14 : Applied Secure Coding Principles
Module 15 : Virtual Patching and Intrusion Detection
Module 16 : Securing Web Applications

Pre-requisites
Basic knowledge of programming fundamentals: loops, variables, functions, include files etc
Reading and understanding PHP code will help although not mandatory.
Basic knowledge of tools such as curl, Wireshark, OWASP ZAP (or Burp).
Knowledge of security concepts will be an advantage but is not required
This training course is for...
Web developers
Web app security researchers
Penetration testers
IT admins and staff