The defdev pitch
defdev trainings are designed to significantly improve the security quality
of the software production
by mastering secure coding skills and
through adopting sticky devel practices that systematically reduce defects.
We do trainings on
IoT, docker, AWS and mainframe security, also S-SDLC (secdev playbook),
CI/CD pipeline (security testing automation and vulnerability management) and even about testing w/ burp for devs.
Our courses are mostly structured around the OWASP Application Security Verification Standard
and are based on cloud-hosted
exercises and DIY tasks.
Features of the both public and private trainings:
Advanced and proficiency level courses.
For dev professionals of senior and mid level, team leaders, security champions,
architects and secengs.
Though we try to remain comprehensible and useful
for any person interested in the development process.
We minimize lectures, we minimize the stuff developers forget by the second week.
We do many demos and make students learn the material
by hand with hacking and fixing codes,
and with tabletop exercises in teams.
Intensive 2-3 days delivery.
Performance-oriented both on the stage and the floor.
We monitor the individual learning style of students.
Our trainers are practitioners with authority and have years of experience in enterprise software production:
such as security testers who are good at coding or
senior developers who learnt security testing and S-SDLC.
With the format of the public/theater trainings
(midsize events for 25+ students or 5+ teams from different companies)
we try to achieve such quality and impact in training that it can substitute onsite trainings:
Disruption free environment.
(In contrast, in the atmo of their workplaces the on-site training
attendees may keep tracking their project or even check out
from the training to an important meeting.)
The trainings are delivered by two trainers on stage simultaneously.
We deliver staged performance,
the interacting trainers enjoy the show, and the chemistry with the bigger audience is maintained.
The defdev floor is structured into tables,
we assist students to perform as groups,
which makes students engaged and serves deeper and more practical learning.
Professionals working together in real-life projects are welcome
and we will change their practices.
Teambuilding is a byproduct of the "teams hardening" we do.
Clients/visitors of public and private defdev [and also secmachine] trainings were/are:
JKU Institute für Netzwerke und Sicherheit, Siemens/evosoft, Nokia, GE Healthcare, Opera Software, SAP, Balabit,
AEGON, KBC/KH Hungary, Ocado.
Check out further details in the respective sections below:
the choice and agendas of
Contact us at firstname.lastname@example.org, dm us @defdeveu, or call, or use the
assistance (google) form. See the