Secure Coding Education

At Manicode Security, our sole focus is teaching your developers to write secure code. Our courses blend decades of research, passion, and practical techniques for immediate impact.

Course Catalog

New: AI Security Courses

Our live, instructor-led courses give web developers, architects, and software professionals the practical skills and techniques required to design, build, and maintain secure web, API, and mobile applications.

Learn to secure your applications

The primary cause of insecurity is the lack of secure software development practices. This highly intensive, interactive, and customizable course provides essential application security training for web applications, web services, and mobile software developers and architects.

Manicode classes are a combination of lecture, security testing demonstration, and code review.

Who are the instructors?

Jim Manico is the founder of Manicode Security, specializing in training developers in secure coding, security engineering, and AI security practices. He is an active investor/advisor with Semgrep, EdgeScan, Nucleus Security, Defect Dojo, RAD Security and others. A recognized speaker and author of "Iron-Clad Java: Building Secure Web Applications", Jim continues to lead industry standards through OWASP initiatives. Connect with Jim via LinkedIn or X/Twitter.

Course Catalog

what you will learn

Learn to architect and implement secure web, API, mobile and AI solutions using real-world, defense-oriented coding exercises and lessons. Manicode offers custom onsite developer training which pulls from the following topics:

  • Identity
  • Authentication
  • Session Management
  • Password Storage
  • Multi-Factor Authentication
  • Access Control Design
  • OAuth 2 Security
  • OpenID Connect Security
  • Web/API Security
  • HTTP Security
  • SQL Injection
  • CSRF
  • Clickjacking
  • HTTPS/TLS
  • 3rd Party Security
  • JSON Web Tokens
  • API Security
  • User Interface
  • File Upload Security
  • HTML & Content Spoofing
  • XSS Defense
  • React Security
  • Vue.js Security
  • Angular & AngularJS Security
  • Content Security Policy (CSP)
  • AI New!
  • AI Security
  • Secure AI Development
  • OWASP Top 10 for LLM
  • AI Model Security
  • Adversarial Machine Learning
  • AI Governance
  • Cryptography
  • Applied Cryptography
  • Secrets Management
  • Fundamentals
  • Digital Signatures
  • Hash Functions
  • Randomness
  • DevSecOps & Cloud
  • Secure SDLC
  • Threat Modeling
  • DevSecOps
  • Docker Security
  • Kubernetes Security
  • Cloud Security
  • Incident Response
  • Introduction
  • Threat Detections
  • Incident Containment
  • Eradication & Recovery
  • ...and more!

WHO SHOULD ATTEND?

Our classes are ideal for developers, architects, security professionals, DevSecOps engineers, and software teams building modern, secure applications and AI-driven systems.

2-DAY CLASS SCHEDULE SAMPLE:
Students should bring a laptop with administrative access. Course materials will be distributed digitally.

Day 1
9:00 AM
HTTP Security Fundamentals
10:00 AM
OWASP Top Ten (2021–2025)
11:00 AM
SQL & Command Injection Defense
12:00 PM
Lunch and Hands-On Lab
1:00 PM
AI for Secure Code Generation
2:00 PM
Third-Party Library Security
2:30 PM
XSS Defense & Content Security Policy
3:30 PM
React & Modern JavaScript Security
4:15 PM
Cross-Site Request Forgery Defense

Day 2
9:00 AM
Authentication & Session Management
10:30 AM
Access Control Design
12:00 PM
Lunch and Hands-On Lab
1:00 PM
Secure AI Development Lifecycle
2:00 PM
API/Microservices Architecture
3:00 PM
File Upload & Deserialization Security
3:45 PM
Threat Modeling

You can and will write secure code

© 2025 Manicode Security