Which programming languages are covered?

JavaScript/TypeScript, Python, Java, C#. We adapt examples to your tech stack.

Do participants need special prior knowledge?

Solid programming skills are required. Security prior knowledge is not.

How long is the workshop?

OWASP Top 10 intensive: 1 day. Complete DevSecOps: 2 days. Security Code Review: half day.

Yes: checklists, code examples, lab access for 30 days after the workshop.

Is there a follow-up?

Yes, 4 weeks after the workshop we offer a Q&A session to clarify open questions.

Which programming languages are covered?

JavaScript/TypeScript, Python, Java, C#. We adapt examples to your tech stack.

Do participants need special prior knowledge?

Solid programming skills are required. Security prior knowledge is not.

How long is the workshop?

OWASP Top 10 intensive: 1 day. Complete DevSecOps: 2 days. Security Code Review: half day.

Yes: checklists, code examples, lab access for 30 days after the workshop.

Is there a follow-up?

Yes, 4 weeks after the workshop we offer a Q&A session to clarify open questions.

Axis/Port. | Secure Coding Workshop (OWASP Top 10)

OWASP Top 10 in Practice

The OWASP Top 10 is the standard for web application security. Our workshop goes through each vulnerability with real code examples, live exploitation, and the secure alternative. Participants don't just see what can go wrong, they fix vulnerabilities themselves in a safe lab environment.

DevSecOps: Security in the Pipeline

Security shouldn't arrive only at code review. DevSecOps integrates security into every step of development: automated security tests, dependency scanning, container security. We show your team how to integrate security tools into their CI/CD pipeline and find vulnerabilities before they reach production.

Security Code Review Workshop

Code reviews are the last line of defense before deployment. But only if reviewers know what to look for. Our workshop trains your team's eyes for security-relevant code patterns. With checklists, best practices, and enough practice to reliably identify security issues.