Course Duration
1 Day
Cyber
Authorized Training
IT
Course cost:
£1,240.00
IT Certification Overview
This course teaches the OWASP Top 10 in bite-size modules: we look at the OWASP Top 10 vulnerabilities and the mitigations available to any development environment. Learners will be able to challenge for the Certified OWASP Security Fundamentals exam after the course. It is important to understand that this is the baseline set of security standards, and that this knowledge can be reused across technology stacks.
The course introduces AI security threats, OWASP LLMs, and OWASP for agentic systems, models, data, and prompts.
Newto Training Reviews
What Our Happy Alumni Say About Us
I had absolutely no experience in this field, but Newto Training recognised my potential and supported me every step of the way. The real-life scenarios were invaluable in making me job-ready.
The tutors at Newto are consistently patient, clear and more than willing to help. I couldn't have asked for a better learning environment.
From day one I felt welcomed and supported. The live sessions were interactive and the resources well thought-out. I passed my exam on the first attempt thanks to them.
I was nervous about switching careers but the practical approach and continual 1-to-1 support gave me the confidence I needed to succeed.
The training material was excellent, and the instructors really brought the subject to life with hands-on lab work. I feel fully prepared for the workplace.
What impressed me most was the flexibility and responsiveness of the support team. Whenever I had a question, they were there even outside of normal hours.
The course structure was superb. A great mix of theory and practice delivered at a pace that made sense even for beginners. Highly recommended.
Switching into IT felt overwhelming, but Newto Training made the journey manageable and quite enjoyable. Their coaching style is top class.
I particularly appreciated the way complex topics were broken down into manageable chunks, and the tutor actively encouraged questions at every stage.
The live-taught interactive classes set Newto apart from other providers. It wasn't just video-based learning and the real engagement made all the difference.
The cyber course exceeded my expectations. They've been on hand for everything and are constantly in touch with me.
The resources provided were spot on and the teaching style made everything easy to understand. I particularly appreciated the extra help offered when needed.
Enrolling with Newto was one of the best decisions I've made. The job-readiness focus, strong teaching and excellent support all stood out.
I completed my SQL course and now feel confident in my skills. The real-world examples and supportive tutors made it all click.
I've just passed my AZ-900 exam thanks to the support received from Ken in the boot camp and his exam preparation sessions.
I've gained a qualification and the confidence to use it in real-world scenarios.
Their commitment to student success is obvious from the personalised guidance to the quality of delivery. I'd recommend them without hesitation.
Every tutor I encountered was professional, encouraging and keen to see me succeed. That personal touch made a big difference.
I'm now in a role I once thought was out of reach, thank you to all the team.
The bootcamps were excellent, we were given practical projects to complete and I feel so much more confident with my coding skills.
Prerequisites
There are no prerequisites for this course.
Note: This course does not cover hands-on coding. Additional courses, such as Secure by Design, can be found in our Secure Engineering pathway.
Learning Objectives
- Explain the purpose of the OWASP Top 10
- Explain how these vulnerabilities could be exploited
- Outline potential impact and consequences of web-based attacks
- Describe baseline mitigation steps and techniques to prevent common web and application-based attacks
- Recognise causes and impacts of major web application risks
- Learn from case studies of real-world vulnerabilities
- Recommend preventive and detective security controls
- Apply secure configuration and cloud audit practices
- Understand SBOMs and software supply chain risk
- Identify risks in AI-generated code and AI systems
- Recognise vulnerabilities in LLMs, MCP, and agentic AI applications
- Identify ways to protect AI models, data, prompts, and infrastructure
Certified OWASP Security Fundamentals Course Content
Application Security (OWASP)
- OWASP Top 10
- What’s Changed & Why
- OWASP Top 10 Proactive Controls
A01 Broken Access Control
- What’s the Risk – Notable CWEs
- What to Check
- Case Study #1
- Case Study #2
- Session Management
- Insecure direct object references
- Typical authorisation components
- Using indirect references
- When not to secure by URL
A02 Security Misconfiguration
- What’s the Risk – Notable CWEs
- What to Check
- Case Study
- AWS S3 Bucket Audit Checklist
- Azure Tenant (Entra ID) Audit Checklist
- Valuable error messages
- Leakage issues
- Configuration files and sensitive data
- Google Dorks to find config files
A03 Software Supply Chain Failures
- What’s the Risk – Notable CWEs
- What to Check
- Case Study #1
- Case Study #2
- Software Bill of Materials (SBOM) Ingredients
A04 Cryptographic Failures
- What’s the Risk – Notable CWEs
- What to Check
- Cryptographic Resilience (PQC)
- Case Study
A05 Injection
- What’s the Risk – Notable CWEs
- What to Check
- Core Vulnerability Mechanism
- Case Study
- Key Prevention Strategies
A06 Insecure Design
- What’s the Risk – Notable CWEs
- What to Check
- Insecure Design Scenarios
- Case Study
- Key Prevention Strategies
A07 Authentication Failures
- What’s the Risk – Notable CWEs
- What to Check
- Common Vulnerabilities
- Case Study #1
- Case Study #2
- Key Prevention Strategies
A08 Software or Data Integrity Failures
- What’s the Risk – Notable CWEs
- What to Check
- Key Vulnerability Areas
- Key Data Integrity Principles (ALCOA+)
- Core Pillars of Software Integrity
- Key Technical Controls
- Case Study
- Key Prevention Strategies
A09 Logging & Alerting Failures
- What’s the Risk – Notable CWEs
- What to Check
- Case Study
- Mitigation Strategies
- Logging best practices
- And what should not be logged?
A10 Mishandling of Exceptional Conditions
- What’s the Risk – Notable CWEs
- Why this new category?
- What to Check
- Modern Attack Scenarios
- Case Study
- Key Prevention Strategies
OWASP Emerging Technology
- Challenges of AI Generated software
- OWASP Top 10 Large Language Model (LLM)
- Prompt injection
- Insecure output handling
- Training data poisoning
- Model denial of service
- Supply chain vulnerabilities
- Sensitive information disclosure
- Insecure plugin design
- Excessive agency
- Overreliance
- Model theft
- OWASP Top 10 for Agentic Applications
- Agent Goal Hijack
- Tool Misuse & Exploitation
- Identity & Privilege Abuse
- Supply Chain Vulnerabilities
- Unexpected Code Execution
- Memory & Context Poisoning
- Insecure Inter-Agent Comms
- Cascading Failures
- Human-Agent Trust Exploit
- Rogue Agents
- Model Context Protocol (MCP) Challenges & Mitigation
- AI Resource Protection
Exams and assessments
Candidates will receive individual emails to access their APMG candidate portal, typically available one week post exam. If you experience any issues, please contact the APMG technical help desk on 01494 4520450.
- Duration: 45 minutes
- Questions: 40, multiple choice (4 multiple choice answers, only 1 of which is correct)
- Pass Mark: 50%
Successful candidates will receive the Certified in OWASP Security Fundamentals digital badge via Credly.
Upcoming Dates
Dates and locations are available on request. Please contact us for the latest schedule.
Advance Your Career with Certified OWASP Security Fundamentals
Gain the skills you need to succeed. Enrol in Certified OWASP Security Fundamentals with Newto Training today.