Secure Coding Education

At Manicode Security, we teach both developers and AI systems to write secure code. Our live and downloadable courses combine decades of research, passion, and hands-on techniques for immediate impact. We also provide AI prompt packs that train AI to generate secure code.

Course Catalog

New: AI Security Courses

Our live or downloadable instructor-led courses give web developers, architects, software professionals and AI engines the practical skills and techniques required to design, build, and maintain secure web, API, and mobile applications.

Learn to secure your applications

The primary cause of insecurity is the absence of secure software development practices. Our intensive, interactive, and customizable courses deliver essential application security training for web, services, mobile developers and architects - available both live and as downloadable modules. We also provide AI-focused training and prompt packs, helping teams and AI systems build security in from the start.

Manicode classes are a combination of lecture, security testing demonstration, and code review.

Who are the instructors?

Jim Manico is the founder of Manicode Security, specializing in training developers in secure coding, security engineering, and AI security practices. He is an active investor/advisor with Semgrep, EdgeScan, Nucleus Security, Defect Dojo, RAD Security and others. A recognized speaker and author of "Iron-Clad Java: Building Secure Web Applications", Jim continues to lead industry standards through OWASP initiatives. Connect with Jim via LinkedIn or X/Twitter.

Course Catalog

what you will learn

Learn to architect and implement secure web, API, mobile and AI solutions using real-world, defense-oriented coding exercises and lessons. Manicode offers custom onsite developer training which pulls from the following topics:

  • Identity
  • Authentication
  • Session Management
  • Password Storage
  • Multi-Factor Authentication
  • Access Control Design
  • OAuth 2 Security
  • OpenID Connect Security
  • Web/API Security
  • HTTP Security
  • SQL Injection
  • CSRF
  • Clickjacking
  • HTTPS/TLS
  • 3rd Party Security
  • JSON Web Tokens
  • API Security
  • User Interface
  • File Upload Security
  • HTML & Content Spoofing
  • XSS Defense
  • React Security
  • Vue.js Security
  • Angular & AngularJS Security
  • Content Security Policy (CSP)
  • AI New!
  • AI Security
  • Secure AI Development
  • OWASP Top 10 for LLM
  • AI Model Security
  • Adversarial Machine Learning
  • AI Governance
  • Cryptography
  • Applied Cryptography
  • Secrets Management
  • Fundamentals
  • Digital Signatures
  • Hash Functions
  • Randomness
  • DevSecOps & Cloud
  • Secure SDLC
  • Threat Modeling
  • DevSecOps
  • Docker Security
  • Kubernetes Security
  • Cloud Security
  • Incident Response
  • Introduction
  • Threat Detections
  • Incident Containment
  • Eradication & Recovery
  • ...and more!

WHO SHOULD ATTEND?

Our classes are ideal for developers, architects, security professionals, DevSecOps engineers, and software teams building modern, secure applications and AI-driven systems.

2-DAY CLASS SCHEDULE SAMPLE:
Students should bring a laptop with administrative access. Course materials will be distributed digitally.

Day 1
9:00 AM
HTTP Security Fundamentals
10:00 AM
OWASP Top Ten (2021–2025)
11:00 AM
SQL & Command Injection Defense
12:00 PM
Lunch and Hands-On Lab
1:00 PM
AI for Secure Code Generation
2:00 PM
Third-Party Library Security
2:30 PM
XSS Defense & Content Security Policy
3:30 PM
React & Modern JavaScript Security
4:15 PM
Cross-Site Request Forgery Defense

Day 2
9:00 AM
Authentication & Session Management
10:30 AM
Access Control Design
12:00 PM
Lunch and Hands-On Lab
1:00 PM
Secure AI Development Lifecycle
2:00 PM
API/Microservices Architecture
3:00 PM
File Upload & Deserialization Security
3:45 PM
Threat Modeling

You can and will write secure code

© 2025 Manicode Security