Secure Programming Foundation

Secure Programming Foundation course

Training & Exam

What will you learn?

  • Understand the role of the programmer within the scope of the SDLC
  • The most important types of coding mistakes that lead to insecure software, and how they are exploited by attackers
  • How to analyse code and identify the most common mistakes that lead to security problems
  • How to verify the security of code


  • 2 days of training
  • 8 hours of self study
  • Exam voucher included

About this Course


Secure Programming Foundation offers an intensive hands-on introduction to secure software development. In this course, you will learn which common programming errors can lead to software vulnerabilities, how these errors are exploited by attackers, and how you can prevent the software flaws that enable cyberattacks. Through a structured approach, based on the Framework Secure Software, you will learn the basic skills for developing secure applications.

Intended audiences

  • Developers who have limited knowledge of secure programming or need to update their knowledge
  • Professionals who need to interact with secure programmers, but are not programmers themselves (i.e. those who need to speak the language of secure programmers, but do not have to produce the code themselves)
  • Those with an interest in secure coding in general

What’s included?

  • 2 days of training from a senior instructor who practices what he/she preaches
  • Official SECO-Institute course materials
  • Practice exam
  • Secure Programming Foundation exam
  • “S-SPF” digital Acclaim badge when you pass the exam
  • 1-year free SECO Membership

Course modules

The fundamentals of secure software

  • Introduction to Secure Software Development Life Cycle
  • Principles of threat modelling
  • Development models related to secure programming (Agile, DevOps, etc.)
  • Development models specific to secure programming (BSIMM, OWASP ASVS, MITRE SEG security paragraphs, DevOps CI/CD…)

Overview of the security aspects in software

  • Intro to SECO’s Secure Application Testing Framework
  • Practical examples of pitfalls and remediations
  • The importance of layering and isolation
  • The mentality of security

Common mistakes & code verification techniques

  • More in-depth treatment of common scenarios, such as authentication/session management, input handling, secure use of external dependencies, and tamper-proof logging
  • Treatment of code verification

About the exam

Exam information

  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 40 multiple choice questions
  • Time: 60 minutes

Why SECO-Institute?

SECO-Institute courses are very hands-on and aimed at gaining actionable knowledge and skills. We only work with freelance, senior instructors who have guided many customers in their efforts to reach a secure development practice. Their unique blend of in-depth security expertise and a strong development background enables you not just to understand the risks but to actually produce secure code. SECO-Institute instructors have gone through a rigorous accreditation process, where they are tested on domain expertise as well as communication and presentation skills. When not consulting or teaching, you will find them presenting at international cybersecurity conferences and supporting non-profit, community-driven projects, sharing their knowledge and expertise for the greater good.

Training Schedule, Information and Registration

  • Starts: April 20
  • Online Live Training
  • 3 sessions of 4.5 hours
  • Exam voucher included
