| CARVIEW |
Select Language
HTTP/2 301
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default'
cross-origin-opener-policy: unsafe-none
cross-origin-opener-policy-report-only: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin
expires: Mon, 29 Dec 2025 09:59:42 GMT
location: https://training.linuxfoundation.org/security-workshops/
permissions-policy: browsing-topics=(), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=300
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe1-b-77f867f67b-tzh85
x-permitted-cross-domain-policies: none
x-redirect-by: WordPress
x-styx-req-id: b6c7645c-e494-11f0-a340-0aa6c2c9c7f1
x-xss-protection: 1; mode=block
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 29 Dec 2025 08:59:42 GMT
x-served-by: cache-chi-kigq8000125-CHI, cache-bom-vanm7210031-BOM, cache-bom-vanm7210090-BOM, cache-bom-vanm7210090-BOM
x-cache: MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0
x-timer: S1766998782.015815,VS0,VE770
vary: Cookie, Cookie
content-length: 0
HTTP/2 200
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default'
cross-origin-opener-policy: unsafe-none
cross-origin-opener-policy-report-only: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin
link: ; rel="alternate"; title="JSON"; type="application/json"
link: ; rel=shortlink
permissions-policy: browsing-topics=(), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=300
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe1-b-77f867f67b-565f4
x-permitted-cross-domain-policies: none
x-styx-req-id: b7412f55-e494-11f0-b79d-a243c57ca621
x-xss-protection: 1; mode=block
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 29 Dec 2025 08:59:44 GMT
x-served-by: cache-chi-klot8100119-CHI, cache-bom-vanm7210099-BOM, cache-bom-vanm7210090-BOM, cache-bom-vanm7210090-BOM
x-cache: MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0
x-timer: S1766998783.815436,VS0,VE1333
vary: Accept-Encoding, Cookie, Cookie
content-length: 79860
Security Workshops - Linux Foundation - Education
Skip to main content
- Catalog
- Resources
- Corporate Solutions
- Explore
English
- My LF Profile
- My LF Profile
- My Training Portal
Understanding Vulnerabilities and Security Threats (WSKF603)
- 1-day workshop
- Understand the OWASP® Top 10 Security Threats
- Live demo environment provides hands-on experience in exploiting and defending against vulnerabilities
- Hands-on learning
Securing Coding Fundamentals (WSKF601)
- 3-day workshop
- Empower developers to write and verify secure software themselves
- Learn application security and hacking
- Introduce secure design patterns
- Hands-on learning
Advanced Secure Coding
(Additional Hands-on Labs)
- Expand and customize Secure Coding Fundamentals
- Select one or multiple additional labs, up to 7 for each additional day of training
- All labs include explanation and scenarios of the vulnerability plus hands-on time for exploitation and fixing
See below for additional Workshop information or contact us to learn about pricing and availability.
Understanding Vulnerabilities and Security Threats (WSKF603)
This workshop aims to break down the OWASP® Top 10, helping developers understand the most common pitfalls and misconceptions associated with these risks.
Participants leave with:
- An in-depth understanding of each item in the OWASP® Top 10
- Hands-on experience in exploiting and defending against each vulnerability
- Insights into the most common mistakes developers make for each risk
- Techniques to battle vulnerabilities
Secure Coding Fundamentals (WSKF601)
Empowering developers to write and verify secure software by design independently, makes this workshop fundamental to security implementation and boosts the security maturity level within the organization. Lecture time is kept to a minimum, as the main focus is hands-on learning.
Participants leave with:
- Behavior changing, long-lasting security knowledge and skills
- Ability to independently test for web application vulnerabilities
- Skills to perform threat modeling sessions and prevent business logic vulnerabilities
- Understanding of how to fix vulnerabilities and know what secure design patterns to apply
- Knowledge to practice security by design using the Security Knowledge Framework
- Ability to use security automation that adds value in the CI/CD pipeline
Advanced Secure Coding (WSKF602)
Select additional hands-on labs not covered in Secure Coding Fundamentals (WSKF601) to customize your workshop. Each additional 45-minute lab includes explanation and scenarios of the vulnerability plus hands-on time for exploitation and fixing.
Add-on lab options include:
- HTTP response splitting
- Host header auth bypass
- Websocket message manipulation
- Web cache poisoning
- Graphql DOS
- GraphQL IDOR
- Authentication bypass
- Command injection
- Insecure deserialization pickle
- Server side request forgery
- Open redirect
- CSS Injection
- Local file inclusion
- Path traversal (LFI)
Bring these valuable workshops to your team!
Contact us to learn about pricing and availability.
Stay Up to Date
Get early access to the latest Linux Foundation Training news, tutorials and exclusive offers – available only for monthly newsletter subscribers.
Get exclusive discounts, news, and more with our free newsletter
We won’t ever send you spam, promise.
© 2025 Linux Foundation - Education. The Linux Foundation®. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds.
Terms of Use | Privacy Policy | Bylaws | Trademark Usage | Antitrust Policy | Good Standing PolicyAccelerated by 
Sign up to get access to exclusive promotions, the latest trainings and news
Stay up to date with the newest courses, certifications, and promotions from the LF training team.
Thank you for your interest in Linux Foundation training and certification. We think we can better serve you from our China Training site. To access this site please click below.
感谢您对Linux Foundation培训的关注。为了更好地为您服务,我们将您重定向到中国培训网站。 我们期待帮助您实现在中国区内所有类型的开源培训目标。