O'Reilly logo

O'Reilly School of Technology

Log In

Call 707-827-7288

Live Chat

New Web Security Course Teaches Web Application Protection from Hackers

Become a More Secure Programmer by Learning How to Find and Fix Security Bugs

It seems like every few months we hear about a new data breach where millions of credit card numbers or passwords get into the hands of the bad guys. Why does this happen so often? It isn’t because the bad guys or gals are uberleet ninjas who can take down an application in thirty seconds. While some of those super hackers might exist, they’re so good that they wouldn’t even get noticed. No, these security breaches happen because programmers often develop software that contains holes in the security or an unsecured infrastructure. The newest O’Reilly School course, Introduction to Web Application Security, focuses on the fundamentals of writing secure software.

In this web security course, we focus on application security issues that tend to affect the most applications. The vast majority of issues boil down to just a few types. While I don’t touch on every type of security vulnerability, the course does cover the major categories, giving the student broader knowledge that can be applied to other security issues. User experience issues, performance problems and other bug types can become security bugs if an attacker finds a way to leverage those problems maliciously. If developers write code that is more secure, attacks are less likely to succeed and the user has a better experience.

In this course, you will build a simple web application, then test and find security problems in these and other areas:
– Common flaws with authentication and authorization
– Output encoding, including issues like cross-site scripting and SQL injection
– The many different ways to handle validating input and why some approaches are better than others
– How to store passwords securely and the theory behind different methods
– How to store user input in different file formats

While this web security course is focused on web applications, the skills you’ll learn can be applied to all other types of applications, such as n-tiered, mobile, and backend services. Much of security testing involves viewing a target and thinking about ways to break it. This course will teach you to look at applications like a potential hacker, as well as a solid and secure programmer.

For more information on our Introduction to Web Application Security course, please contact our most excellent Student Services team at info@oreillyschool.com or (707) 827-7288.


  • Mike Poston

    My second class at
    O’Reilly was beginner’s XML. As a digital marketing executive, preparing for a
    new job with a digital content distribution company, I wanted to learn the
    basics of HTML, XML and JavaScript. I do not plan to be a developer. I wanted
    to get a better understanding of web coding to help me work more effectively
    with developers during scrum meetings. I
    found the introductory courses at O’Reilly and signed up for 3. The marketing
    materials said the courses were 70 to 90 hours long. Don’t be fooled. Each
    course takes 250 hours. They are introductory level until about half way. At the half way point the assignments ramp up
    to intermediate level. You are asked to do things in assignments that are NEVER
    COVERED in the coursework. That might not be bad, but you also don’t have a
    teacher to help you. O’Reilly calls some of its employees “Instructors” or “Teachers”.
    Again, don’t be fooled, they teach you nothing.
    About the best I can call these people are lazy graders, who don’t take
    the time to look at half of your coding homework that you spent hours
    developing. The “Teacher” (grader) on one
    of my XML assignment demanded 12 rounds of edits before she accepted my
    assignment. If O’Reilly is really interested in teaching, and I had not
    learned an important concept during the 12-edit assignment, shouldn’t the
    instructor have taught me the missing concepts after the first edit or two? Now,
    you also might be thinking …. maybe Mike is not smart enough to learn
    coding. I have an engineering degree and
    a technical MBA from a top-20 school. I have 13 digital certifications from
    Adobe, Google and Microsoft. Yes, I am now an angry customer. There are many alternatives for on-line
    education. THINK TWICE before spending any time or money at O’Reilly. And if Lorrie Coey is assigned as your
    “Teacher” (grader) do yourself a favor and ask for someone else. John Baker was my grader for the HTML class
    and that was actually a good experience.