Two weeks of training and 18 courses available at SANS Virginia Beach - Aug. 19-30. Save $350 thru 6/26.

Secure Software Development Courses

Businesses depend on applications to service organisational and customer needs. Criminals are targeting software - native applications, web applications and embedded code - with the hope of making a profit.

SANS Secure Software Development is designed to foster safety by design. Our developer security training courses teach students to:

  • Build securely - Learn defining security principles
  • Hunt for flaws - Learn to find security issues in existing code
  • Different languages - Courses address .NET, C & C++, JAVA/JEE
  • SANS is forward thinking - Our Software Security curriculum exemplifies our drive to stay one step ahead of the bad guys
  • Be taught be an expert - SANS Instructors are real-word practitioners who specialise in architecting defensible applications
  • Extensive courseware - Students receive a wide selection of textbooks, tools, and learning resources

SANS Institute is the world's largest provider of cyber security training. For over twenty five years we've worked with an FTSE 500 companies and partners, keeping data, networks and people safe from digital criminality.

Click here to jump to our full Secure Software Development course list

Why SANS' Developer Security Training?

SANS Secure Software courses are created to equip programmers with the skills and knowledge to write secure code, and recognise the security shortcomings in existing code.

Outside of the classroom our Secure Software Instructors are highly respected practitioners and proponents in the field of defensive programming.

SANS Training is designed to be very hands on. Expect a rigorous list of live, code based lab exercises.


To support Software students, we provide a library of Resources.

These include:

  • Textbooks - SANS Secure Software courses are written by security experts. SANS regularly rewrites its courses - and all the supporting content - to ensure our training addresses the latest threats, exploits and attack vectors
  • Virtual machines - Linux virtual machines, pre-installed with key applications and tools
  • Source code - We provide the code students have explored in class so they can revisit and rehearse what they've learned
  • Free Resources - There are free resources available to support the development community on our Posters and Downloads page

Training Delivery

SANS offer several different means by which students can access our courses:

For questions about training read our FAQs and student Testimonials.

Secure Software Developer Courses


GIAC Certifications are respected as the benchmark for cyber security skills.

Earning a GIAC Certification validates the holder's technical abilities and knowledge. For employers, having a GIAC Certified employee removes any doubt about their technical abilities.

SANS Secure Software Development Courses

SANS offers six distinct Secure Software Training Courses. They span three families: Core, Advanced and Specialist.

SANS Core Secure Software Development Courses

DEV522 is our core Secure Software course. It covers the fundamentals of building secure web apps. These include infrastructure security, server configuration, authentication, coding errors and business logic flaws.

SANS Advanced Secure Software Development Courses

.NET and Java/JEE are the foundations of many business critical web applications. They are also the focus of many direct attacks by criminals.

DEV541 focusses on creating defensible Java applications, while DEV544 explores hardening .NET applications against attack.

Pen testing applications is an invaluable way of spotting flaws before the bad guys do. SEC542 looks at how to use the tools, techniques and methods hackers leverage when searching for vulnerability, and how to deploy them in a safe and ethical manner.

SANS Specialist Secure Software Development Courses

C and C++ are the programmatic foundations upon which many operating systems, embedded systems, network services and utilities are built. DEV543: looks at the common flaws that affect code written in these languages and how to defend against them.

Click on a course in the table below to see a more detailed description and to book.

Secure Software Development Curriculum
Course Certification
Level 1 SEC534: Secure DevOps: A Practical Introduction
DEV522: Defending Web Applications Security Essentials GWEB
Level 2 SEC540: Cloud Security and DevOps Automation
DEV541: Secure Coding in Java/JEE: Developing Defensible Applications GSSP-JAVA
DEV544: Secure Coding in .NET: Developing Defensible Applications GSSP-.NET
Specialty Courses SEC542: Web App Penetration Testing and Ethical Hacking GWAPT
SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques

Training Events Offering Secure Software Development Courses
Event Dates Register
SANS Munich July 2019 Jul 01 - Jul 06, 2019  
SANS London July 2019 Jul 08 - Jul 13, 2019  
SANS Pen Test Hackfest Europe 2019 Jul 22 - Jul 28, 2019  
SANS Prague August 2019 Aug 12 - Aug 17, 2019  
SANS Munich September 2019 Sep 02 - Sep 07, 2019  
SANS Brussels September 2019 Sep 02 - Sep 07, 2019  
SANS Paris September 2019 Sep 16 - Sep 21, 2019  
SANS London September 2019 Sep 23 - Sep 28, 2019  
SANS Riyadh October 2019 Oct 05 - Oct 10, 2019  
SANS London October 2019 Oct 14 - Oct 19, 2019  
SANS Amsterdam October 2019 Oct 28 - Nov 02, 2019  
SANS Paris December 2019 Dec 02 - Dec 07, 2019  
Online Training: SANS OnDemand
Private Training
Event Dates Register
Private Training Course of Your Choice Your Choice