Top 10 security issues and solutions – part 1 (CYRUS)

Developed within the framework of the CYRUS project (funded by the DIGITAL Europe Programme of the European Union) the first part of the course "Top 10 security issues and solutions" dives into the specifics of writing secure code and web applications, and explores challenges associated with web vulnerability. 

Background 

Writing secure web applications is a serious task that can pose a range of challenges - from dealing with legacy technologies or undocumented third-party components, to keeping up to tight deadlines and code maintenance tasks. Find new ways to look at code and learn to identify common weaknesses and their potential consequences - including the ways hackers can exploit them to breach your code. You will also discover a range of good practices in protecting yourself, and your web applications. ]

About this course

The course covers typical web vulnerabilities, focusing on how they impact applications across the entire stack—starting from the base environment to modern AJAX and HTML5-based frontends. The course also delves into security concerns specific to different platforms and highlights common programming mistakes to avoid. Through live practical exercises, you will gain hands-on experience that will keep you engaged while learning to write more secure code.

Writing secure code gives you a distinct advantage over your competitors and helps protect against cybercrime. The course covers the first two issues of the OWASP Top 10: Security misconfiguration, broken access control and cryptographic failures, providing you with the knowledge to safeguard your web applications effectively.

Learning outcomes

By the end of this training, you will: 

• Understand basic concepts of security, IT security and secure coding practices
• Identify web vulnerabilities beyond the OWASP Top 10 and learn methods to mitigate them
• Learn about XML security
• Understand client-side vulnerabilities and apply secure coding practices to prevent them
• Recognise typical coding mistakes and strategies to avoid them
• Gain insights into recent vulnerabilities in the Java framework
• Access additional resources and readings on secure coding practices to continue learning
• Further instructions

The training is free of charge and offered as self-paced e-learning available on demand (duration: approximately 2.5 hours) from April 2025 to October 2025.

Further details

To move forward in this e-learning course, watch each video completely before starting the next lesson. The system is designed to track your progress and will only unlock the subsequent lessons once the current video has been completely viewed. Additionally, after completing each lesson, you must manually mark it as completed to confirm your understanding and maintain an organised learning flow. These steps are crucial for ensuring a seamless and effective learning experience.

Enjoy the training and dive into it here!