Secure Programming Foundation course

2-day introduction to Secure Programming

The Secure Programming Foundation course is the first level in the SECO-institute's S-CSSL certifcation track.


The Secure Programming course teaches you the basic principles of secure web development while preparing you for the Secure Programming Foundation exam. You will learn about web application vulnerabilities and the ways to discover, prevent and eradicate them. During the course, we will explore the material using quiz-style questions, exercises and live demonstrations of vulnerable applications.

With a Secure Programming certification, you will be internationally recognised as a secure software developer. 


Target audience

The course is aimed at every programmer or software developer responsible for developing (web) applications. The course is suitable for both novice and experienced developers. 


Required knowledge

There is no prior knowledge other than coding/ programming knowledge required to attend this course. Affinity with web technology is desired.  


Exam, course material and certification

The SECO-Institute exam is conducted by EXIN and consists of multiple choice questions. The course will provide you with all the knowledge you need to pass the exam. Upon successful completion of your exam, you will receive a "Secure Programming Foundation" certificate from EXIN. Both the course material and the exam are in English. The exam is not included in this course. You can register for the exam via this link.


Secure Software Foundation level 

This course constitutes the first level of the Certified Secure Software Leader certification track of the SECO-Institute's Cyber Security & Governance Certification Program. Our Secure Programming Practitioner and Expert courses are currently under development and will become available in the near future.  More information on this certification program can be found on the SECO-institute website


This course is also available online

SECO-Institute offers this course online through their virtual classroom environment. For the virtual classroom, click here to see available dates. For our classroom course, see available dates below.


Just as in a real-world classroom, a student in a virtual classroom participates in synchronous instruction, which means that teacher and students are logged into the virtual learning environment at the same time. The advantage of a virtual classroom is that students from all over the world can participate without travel expenses.


  • Module 1 - Introduction to Secure Programming

    We discuss issues surrounding unsafe software: what are the problems, how do they arise, and what can we do about them.

  • Module 2 - Software vulnerabilities

    We look at the origins of software vulnerabilities, how an attacker can exploit these vulnerabilities, and how we can prevent this from happening. Although we use web demonstrations to illustrate these concepts, the principles behind secure programming can, of course, be applied to other software projects. We cover authentication, session management and the use of input validation to prevent injection attacks such as SQL injection and buffer overflow. We also explore the issue of cross-site scripting and security models in browsers.

  • Module 3 - Implementing Security in Software

    In this module, we discuss the implementation of authorisation, logging, error handling and denial of service attacks. Encryption is also an important element of security, so this module aims to cover the use of encryption as well.

  • Module 4 - Integrating Security into the Development Process

    Finally, we talk about how to integrate security into the development phases; defining requirements, design, coding, and testing.

  • Features

    • 2-day introductory course 
    • Course is available as Classroom or Virtual Classroom training
    • Official SECO-Institute course material will be provided through the Security Academy's Student Portal where you will find the course slides and plenty of additional courseware
    • Study load: 
      Contact hours: 14 hours (two days, minus breaks) 
      Self-study: 7 hours spread over the entire course 
    • Part of the  SECO-Institute's Secure Software certification track
    • EXIN examination (not included)

    Course information


    • Very clear and broad explanation of security conceptsAnonymous

    Sign up for the newsletter.

    Others also viewed

    Your Internet Explorer is out of date.

    This website can not be viewed with this browser!

    Upgrade your browser to the latest version of Internet Explorer 8 or install another browser, such as Firefox or Google Chrome.