Pragmatic Web Security

A pragmatic approach to web security, tailored towards developers. Thorough and to-the-point lectures. Custom-built and realistic lab sessions.

Learn more Get in touch

Security training for developers

The courses from Pragmatic Web Security help developers, architects and security professionals grasp the full security picture. Not only do they yield direct results, but they also gear up practitioners to recognize security issues in future scenarios.

Customizable courses

There is no one-size-fits-all approach to security. So why waste time on generic security courses? At Pragmatic Web Security, you create your own customized security course. Picking relevant content modules from an extensive curriculum ensures optimal engagement and applicability. Topics range from security essentials to advanced security concepts.

Security explained

Don't be fooled. Web security is hardly a simple topic. Everything is connected and security mechanisms often build upon foundational concepts. Training courses from Pragmatic Web Security go beyond textbook examples. In-depth lectures help developers understand the complicated security landscape. Hands-on labs illustrate vulnerabilities and defenses.

Hands-on lab sessions

High-quality lab sessions are a cornerstone of Pragmatic Web Security courses. Practical lab sessions are essential to optimize retention of the content. During a lab session, participants attack and defend a custom-built training application. Seeing attacks and defenses in a realistic setting gives developers a head start to improve their code.

Want to learn more? Get in touch!

Contact Information

Training materials and the lab environments are available for licensing. Pragmatic Web Security also offers architectural security assessments, technical writing services or short-term security consulting services. Don't hesitate to reach out for more information.

Meet the instructor

Hi, I'm Philippe, and I'm a passionate web security instructor. My goal is to give practitioners the security knowledge they need to build better and more secure applications. With Pragmatic Web Security, I deliver private security courses around the world. I also regularly speak at conferences and meetups.

Dr. Philippe De Ryck

PhD in web security
Google Developer Expert

About Philippe

I am the founder of Pragmatic Web Security, where I travel the world to train developers on web security and security engineering. From my Ph.D., I have gained a deep understanding of the web, its vulnerabilities and its security technologies. In my courses, I channel this knowledge into practical and actional security advice for developers.

I have obtained a Ph.D. in web security from the imec-DistriNet research group (University of Leuven, Belgium). During my Ph.D., I published a book titled Primer on client-side web security. I also built the university's online Web Security Fundamentals course.

Since 2018, I am a Google Developer Expert, a recognition of my contributions to share my security knowledge with the community. I also volunteer as the course curator for the SecAppDev course. Since 2005, this yearly week-long course focuses on security for developers.

Here's industry veteran Jim Manico's opinion ...

Dr. Philippe De Ryck is a stellar secure coding instructor. He brings an immense body of web security knowledge to the classroom when teaching his various class offerings. His style is both focused yet inviting which encourages students to participate in class. It's rare to find professionals who have both the technical ability and presentation skills it takes to be a successful instructor-led-trainer. Dr. Philippe De Ryck has both and more in spades!

Jim Manico — Founder, Manicode Security

A few recordings of talks and lectures

Courses and talks

Next to private trainings, I also represent Pragmatic Web Security at public events. Take a look below for upcoming security courses, conferences or smaller events.

List of public events:

  • 2-day workshop at NDC Security: A builder’s guide to Single Page Application security (22 - 23/01/2020 - Oslo, Norway)
  • Conference talk at NDC Security: TBD (24/01/2020 - Oslo, Norway)
  • Conference talk at NDC London: TBD (27 - 31/01/2020 - London, UK)
  • Course curator of SecAppDev, a week-long course on secure application development (09 - 13/03/2020 - Leuven, Belgium)
  • 2-day workshop at LocoMocoSec: A builder’s guide to Single Page Application security (26 - 27/05/2020 - Maui, Hawaii, USA)
Subscribe to stay up to date on upcoming courses and events.


I am proud to say that a 100% of the post-course evaluation forms so far include a recommendation of the training course to others. The testimonials below give you a good idea of what you can expect from Pragmatic Web Security.

The course consists of high-quality course material. Philippe's lectures cover the theory in a clear an concise manner. The practical labs in between provide a useful way to get practical experience.

We have learned a ton of new security practices, which we will immediately adopt within our development team. The course is highly recommended.

Mattias Vanhoutte — Security Specialist, Televic

Web security and application security are gaining more and more attention. As a developer, you know what's going on, but since these domains are very broad, it is hard to see the full picture. We were not sure whether the Web Security Essentials course was a good fit for our company.

Once the course started, these doubts vanished. The course is well-structured, and accessible for both frontend and backend developers. It changes the way you look at the development of web applications. Following theory sessions with hands-on labs creates an interesting combination. On top of that, you get a head start with the right tools to assess your own application. The gained knowledge and skills are directly applicable, and immediately shared with colleagues. This training has changed the way we work and affected the security of our product.

This training deserves a high recommendation. The course offers varied, up-to-date and detailed content. Security may still be low on the radar, but this 2-day training already makes a world of difference.

Sam Verschueren — Lead Software Engineer, Pridiktiv NV

I have attended all four of the security seminars taught by Philippe and it is a must do for every software engineer. Essential security concepts, mechanisms, vulnerabilities and countermeasures are explained in details with vivid examples of how catastrophic the consequences could be if a software engineer chooses to ignore them.

Philippe explains very thoroughly, yet in a very interesting and clear fashion how elementary it is for the malicious users to exploit a vulnerability. Obviously and most importantly, countermeasures are presented to help us engineers fix the problems systematically and protect our valuable software systems.

The seminars switch between a top-down solid theory behind the security problems and their solutions and hands-on sessions to demonstrate those problems and try the countermeasures in practice.

Aram Hovsepyan — CEO, Codific

Knowledge is key when it comes to Web Security. One little detail can easily break your entire web application security. At NG-BE 2016, Philippe shared some of his insights on on how to prevent XSS attacks in Angular applications. He managed to explain difficult concepts in such a way that the audience could easily understand it. The feedback from the audience was incredibly positive.

Philippe is an expert in security, a great communicator and a wonderful person to interact with. We were incredibly proud to welcome him at NG-BE 2016.

Jurgen Van de Moere — Organizer NG-BE Conference

Contact Information

Interested in more information? Looking for a speaker for your event? In need of a technical writer? Anything else you want to share or ask? Don't hesitate to get in touch

Pragmatic Web Security is based in Belgium, but delivers trainings and talks around the world.

Subscribe to stay up to date on upcoming courses and events.