Web & API Security Training

This training provides comprehensive knowledge on the secure design, implementation, and testing of web applications. Participants learn how to better assess the security of their software and how to implement appropriate measures and activities in practice. We draw on our own experience in software development projects, enabling us to share realistic best practices.

Choose a date Request individual date

Home / Academy / Web & API Security Training

At a glance

General information

2 days
On-site or remote
Language: English or German
Includes lab access for independent hacking during and up to 4 weeks after training

Target group

Web application developers (front-end/back-end/DevOps)

Application examples

Creating understanding of vulnerabilities and countermeasures in web applications
Providing methodology for systematic threat modeling

Description

With the increasing importance of software systems for digital business models, the threats to which these systems are exposed are also growing. If security aspects are neglected or not taken into account from the outset, it is often only a matter of time before this leads to problems. In addition to actual vulnerabilities, attacks, and data loss, image problems caused by negative publicity and the associated loss of trust are also a serious risk for systems and companies.

We offer both public training courses on fixed dates and individual training courses with customizable focus areas.

Agenda

Introduction: Secure Web Applications
Threat Modelling
- Threat analysis for methodical security
  Frameworks and methods
  Integration into development processes
Secure Coding Principles
- Principles for secure system design
- Best practices for input validation, authentication, and authorization
Vulnerabilities in web applications
- The 10 most common vulnerabilities in web applications
- Identifying vulnerabilities and appropriate countermeasures
- Guided hacking of a deliberately vulnerable web application
Security Tests
- Types of security tests, test tooling
- Strengths and weaknesses
- Evaluation of findings (vulnerability analysis)

Typical questions we answer:

How can software developers identify and assess threats and risks to their software?
What security requirements should be considered when developing software, and how can they be implemented?
What are the best practices for implementing web applications, for example with regard to authentication, authorization, or input validation?
How can a web application be checked for security vulnerabilities?

Web & API Security Training

€1,400.00 (p.p., plus VAT)

Upcoming trainings

10.06.2026 - 11.06.2026, Munich, German, €1,400.00 - Book now

16.09.2026 - 17.09.2026, remote, German, €1,400.00 - Book now

07.10.2026 - 08.10.2026, remote, English, €1,400.00 - Book now

+ 2 more

signed certificate of participation
experienced trainers
small training groups

Choose a date

Do you need a targeted, individual training according to your company needs? Request now

€1,400.00 (p.p., plus VAT)

Choose a date

Trainers

Our trainers are field-tested experts in their areas of expertise. Through their work in projects, they expand their knowledge day by day and pass on this know-how in their trainings - application-oriented and practice-oriented.

Michael Fuchs

Michael Fuchs has been working at the intersection of software development and IT security since 2018. After working as a software developer with a focus on security at inovex and as a site reliability engineer at Munich University of Applied Sciences, he joined inovex as a software security engineer in 2025. There, he supports development teams at the conception and implementation level. His focus is on strong authentication, DevSecOps practices in microservices architectures, and zero-trust concepts.

More trainings with Michael Fuchs →

Why inovex Academy?

Our offer

The inovex Academy has set itself the task of passing on knowledge about methods and technologies that we already use successfully in our projects.

Exchange experiences

In our open training courses, we attach great importance to the exchange of experience among like-minded people. Learn from and with other experts.

Curated content

All training content is carefully selected to achieve the best possible learning effect and to convey as much content as possible.

Individual Assistance

Our trainers come from a practical background and have already tested and successfully applied many of the contents taught in their daily work.

Customized flight altitude

Our training courses start where many standard courses end. Thanks to their interactive structure, we dynamically adapt the level to the participants' expert knowledge and are happy to delve deeply into complex issues.

Upcoming trainings

Show details 10.06.2026 - 11.06.2026 German Munich Slots available €1,400.00 (p.p., plus VAT) Book now

Show details 16.09.2026 - 17.09.2026 German remote Slots available €1,400.00 (p.p., plus VAT) Book now

Show details 07.10.2026 - 08.10.2026 English remote Slots available €1,400.00 (p.p., plus VAT) Book now

Show details 18.11.2026 - 19.11.2026 German Hamburg Slots available €1,400.00 (p.p., plus VAT) Book now

Show details 09.12.2026 - 10.12.2026 German Cologne Slots available €1,400.00 (p.p., plus VAT) Book now

No suitable dates? Request individual date

Supplementary information

General terms and conditions

Cancellation policy

Go back

We are your partner for successful trainings

We would be happy to talk to you personally about your concerns. Get in touch now!

Collin Rogowski

Head of inovex Academy

Call Send email

Individual training offer for your company
Over 25 years of experience as inovex Academy