Get in touch

We use HubSpot CRM to process and manage contact and information requests. Please accept the "Functional Cookies" and reload the page to load the contact form.

Services / Cybersecurity & access management

OWASP Top 10 Training

Thinking like a hacker

1 day Remote
Inquire now


The requirements for IT security are growing with the degree of digitalization. This is a situation that poses challenges for many companies. For hackers don’t stand still: They constantly develop – and they are researching new tools and ways to penetrate digital infrastructures.

Anyone who wants to protect their IT infrastructure has to know where the weak points on-site are and be familiar with potential attackers. Defensive strategies can only be effective if you can assess the threats realistically and if you know the attackers’ methods and procedures. The key to building experience and knowledge in the cybersecurity sector is the ability to imagine yourself practically in the attacker’s shoes.


Think like a hacker: Reveal the 10 most common security gaps in web applications – and prevent them.

In this training, the AOE Academy will present the OWASP TOP 10 and explain the list of the 10 most common attack vectors using practical examples in the programming languages Java, PHP, Go, and Python. In addition, you can do interactive exercises in our OWASP lab and thereby gain some real hands-on experience.

Target group

All development teams and developers


Hands-on training, interactive lab & live hack: In the course of the training, the individual types of security gaps will be examined and traced and tried out in the OWASP lab. With the interactive OWASP LAB, participants can complete exercises on the topics and gain practical experience.

Training structure:

  1. Overview of the OWASP TOP 10
  2. Security Misconfiguration
  3. Injection
  4. Broken Authentication
  5. Insufficient Logging & Monitoring
  6. Broken Access Control
  7. Sensitive Data Exposure
  8. Cross-site Scripting (XSS)
  9. Using Component with known vulnerabilities
  10. Insecure Deserialization
  11. XML External Entities
  12. I noticed something unusual. What now?

A sneak peak into the OWASP Lab

Organizational information

  • Suitable for all teams
  • Language: English or German, depending on preference
  • Time: 1 day
  • Location: online
  • Group size: from 5 to 8 participants
Martin Eckes

Martin Eckes

Project managers for the management / microtech GmbH
Optimal balance of specialized knowledge and practical examples! Thanks to the OWASP lab’s virtual test environment, our employees were able to apply what they learned practically right away and gain valuable experiences for their day-to-day work. The training is a must-have for developers!
Bastian Ike

Our trainer: Bastian Ike

Bastian Ike is Security Division Lead on AOE’s Cybersecurity Team. For years, AOE has successfully helped companies implement IAM systems, keycloak projects, penetration tests, DevSecOps, and security in microservice architectures.