This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Education/Free Training

From OWASP
Jump to: navigation, search

Owasp banner web edu.jpg

The following courses either have been offered or are being offered free of charge courtesy of the trainers and the OWASP Foundation to anyone interested in learning about application security. Additionally, the training slides/coursework is available under an open source license and we encourage you to use it to set up your own training event!


  • NEW* 11-April 2016, OWASP is experimenting with GOTOTraining as a platform to enable project leaders to provide training on their project to the world. For more information CLICK HERE


If you are interested in setting up a training event through OWASP, submit your request here, we also have funding available to community members who may need help with travel, a venue or other logistics to get the event up and running. Click here for more information.


Here are some general guidelines we have set up for free training courses within the OWASP Community:

  1. Use free and local when possible - donated venues or universities as well as trainers that are near by will help save on overhead costs
  2. Use open source training materials - we ask that you make your training materials available after the course, preferably in an editable format
  3. Use OWASP template for slides and keep any company branding to one bio slide
  4. Do an open call for training when possible to avoid giving preference to any one vendor/trainer and give others in the community a chance to participate
  5. If possible, do the training in a way and time that doesn't compete with paid training (especially at Global AppSec Conferences)

Credits: A sincere thank you to Eoin Keary, Jim Manico, Dan Cornell, Josh Sokol and others who generously donated training content referenced below.

Training Courses, Trainer Data, and Material
Training Name/Topic Trainer Name(s) Training Materials Training Location Training Date Number of Attendees
Analyzing (Java) Source Code for Cryptographic Weaknesses- Editable slides (ODP), with speaker's notes, and non-editable (PDF), without speaker's notes Kevin W. Wall File:Kwwall-owasp-prezo-CryptoCodeWeaknesses--2015-12-03.odp and File:Kwwall-owasp-prezo-CryptoCodeWeaknesses--2015-12-03.pdf Columbus, OH OWASP Chapter Dec 03, 2015 18
Introduction to Application Security - Editable slides (pptx) Josh Sokol, Dan Cornell Training Slides LASCON 2015 October 21, 2015 100
Application Security – Where do I start? Jim Manico, Eoin Keary, Michael Coates Training Slides Jillians
San Francisco, CA
Feb 24, 2014 200
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary How_Do_I_Approach_Application_Security-1 RSA 2013 EU, RSA 2013 USA, Lascon 2013 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary HTTP Basics RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary Secure Storage RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary Injection RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary XSS RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary UI Redress RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary SSL-TLS RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary, Cassio Goldschmidt HTTPS Best Practices AppSec Cali 2015, SoCal 2015 500+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary Virtual Patching / WAF RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+
Approaching App Sec - Editable slides (pptx) Jim Manico, Eoin Keary Access Control RSA 2013 EU, RSA 2013 USA, Lascon 2013, OWASP AsiaPac 2014 1000+