Pragmatic Web Security


A pragmatic approach to web security, tailored towards developers. Thorough and to-the-point lectures. Custom-built and realistic lab sessions.

Learn more Get in touch

Security training for developers

The courses from Pragmatic Web Security help developers, architects and security professionals grasp the full security picture. Not only do they yield direct results, but they also gear up practitioners to recognize security issues in future scenarios.

Customizable courses

There is no one-size-fits-all approach to security. So why waste time on generic security courses? At Pragmatic Web Security, you create your own customized security course. Picking relevant content modules from an extensive curriculum ensures optimal engagement and applicability. Topics range from security essentials to advanced security concepts.

Cultivating security

Training courses from Pragmatic Web Security go beyond covering vulnerabilities and best practices. They focus on understanding why vulnerabilities exist, and how defenses work. This scientific approach cultivates a security mindset among developers. As a result, developers will recognize security issues in different contexts or scenarios.

Hands-on lab sessions

High-quality lab sessions are a cornerstone of Pragmatic Web Security courses. Practical lab sessions are essential to optimize retention of the content. During a lab session, participants attack and defend a custom-built training application. Seeing attacks and defenses in a realistic setting gives developers a head start to improve their code.

Want to learn more? Get in touch!

Contact Information

Meet the instructor

Hi, I'm Philippe, and I'm a passionate web security instructor. My goal is to give practitioners the security knowledge they need to build better and more secure applications. With Pragmatic Web Security, I deliver private security courses around the world. I also regularly speak at conferences and meetups.

Philippe De Ryck

PhD in web security
Google Developer Expert

About Philippe

I am the founder of Pragmatic Web Security, where I travel the world to train developers on web security and security engineering. From my Ph.D., I have gained a deep understanding of the web, its vulnerabilities and its security technologies. In my courses, I channel this knowledge into practical and actional security advice for developers.

I have obtained a Ph.D. in web security from the imec-DistriNet research group (University of Leuven, Belgium). During my Ph.D., I published a book titled Primer on client-side web security. I also built the university's online Web Security Fundamentals course.

I also volunteer as the course curator for the SecAppDev course. Since 2005, this yearly week-long course focuses on security for developers.

Here's industry veteran Jim Manico's opinion ...

Dr. Philippe De Ryck is a stellar secure coding instructor. He brings an immense body of web security knowledge to the classroom when teaching his various class offerings. His style is both focused yet inviting which encourages students to participate in class. It's rare to find professionals who have both the technical ability and presentation skills it takes to be a successful instructor-led-trainer. Dr. Philippe De Ryck has both and more in spades!

Jim Manico — Founder, Manicode Security

A few recordings of talks and lectures

Courses and talks

Next to private trainings, I also represent Pragmatic Web Security at public events. Take a look below for upcoming security courses, conferences or smaller events.

Web Security Essentials

October 15 - 16, 2018 — Leuven (BE)
This 2-day course will show you how hackers target your applications, how you can protect them, and which best practices you should be applying today!

Angular Security Masterclass

October 18 - 19, 2018 — Leuven (BE)
This 2-day course dives into security for Angular: Angular's built-in security mechanisms, client-side security and secure API access to APIs.

Upcoming public events:

  • Meetup talk at Dallas.js: Cookies versus tokens: a paradoxical choice (30/08/2018)
  • Conference talk at JavaZone: Common API security pitfalls (12-13/09/2018)
  • 2-day course: Web Security Essentials (15-16/10/2018)
  • 2-day course: Angular Security Masterclass course (18-19/10/2018)
  • 1-day workshop at NG-BE: A secure foundation for your Angular application (06/12/2018)
  • Conference talk at NG-BE: Angular and the OWASP top 10 (07/12/2018)

Looking for a speaker for your event? Get in touch!

Subscribe to stay up to date on upcoming courses and events.
Subscribe

Testimonials

I am proud to say that a 100% of the post-course evaluation forms so far include a recommendation of the training course to others. The testimonials below give you a good idea of what you can expect from Pragmatic Web Security.

Web security and application security are gaining more and more attention. As a developer, you know what's going on, but since these domains are very broad, it is hard to see the full picture. We were not sure whether the Web Security Essentials course was a good fit for our company.

Once the course started, these doubts vanished. The course is well-structured, and accessible for both frontend and backend developers. It changes the way you look at the development of web applications. Following theory sessions with hands-on labs creates an interesting combination. On top of that, you get a head start with the right tools to assess your own application. The gained knowledge and skills are directly applicable, and immediately shared with colleagues. This training has changed the way we work and affected the security of our product.

This training deserves a high recommendation. The course offers varied, up-to-date and detailed content. Security may still be low on the radar, but this 2-day training already makes a world of difference.

Sam Verschueren — Lead Software Engineer, Pridiktiv NV

I have attended all four of the security seminars taught by Philippe and it is a must do for every software engineer. Essential security concepts, mechanisms, vulnerabilities and countermeasures are explained in details with vivid examples of how catastrophic the consequences could be if a software engineer chooses to ignore them.

Philippe explains very thoroughly, yet in a very interesting and clear fashion how elementary it is for the malicious users to exploit a vulnerability. Obviously and most importantly, countermeasures are presented to help us engineers fix the problems systematically and protect our valuable software systems.

The seminars switch between a top-down solid theory behind the security problems and their solutions and hands-on sessions to demonstrate those problems and try the countermeasures in practice.

Aram Hovsepyan — CEO, Codific

Knowledge is key when it comes to Web Security. One little detail can easily break your entire web application security. At NG-BE 2016, Philippe shared some of his insights on on how to prevent XSS attacks in Angular applications. He managed to explain difficult concepts in such a way that the audience could easily understand it. The feedback from the audience was incredibly positive.

Philippe is an expert in security, a great communicator and a wonderful person to interact with. We were incredibly proud to welcome him at NG-BE 2016.

Jurgen Van de Moere — Organizer NG-BE Conference


Contact Information

Interested in more information? Looking for a speaker for your event? Anything else you want to share or ask? Don't hesitate to get in touch

Pragmatic Web Security is based in Belgium, but delivers trainings and talks around the world.

Subscribe to stay up to date on upcoming courses and events.
Subscribe