What's included? Everything.

People working in AppSec are underserved with the training programs currently offered – it’s often too expensive, too specific, and not relevant to what people need in their everyday job. That’s why in our course bundle, we find just the right balance of topics and strategies to be successful in AppSec. This bundle includes all three courses and a certificate of completion

  • AppSec Foundations Level 1-3 courses covering basic, intermediate, and advanced concepts you can apply to your job right away with over 12.5 hours of video lessons.

  • A certification upon your completion of the courses as a testament to your newly acquired knowledge, signed by Tanya.

  • Note: Textbook not included in this bundle.

Are you someone who...

  • Wants to work in AppSec?

    By following each course to the next, you’ll learn the wildly important topics and build a strong foundation for your future career.

  • Already works in AppSec?

    Do you face frustrating barriers at work? Never stop learning industry best practices and how to scale, manage, and get buy-in at your organization.

  • Is looking for relevant training?

    Get training that is relevant to your entire career and stay engaged with an experienced instructor who is an award-winning public speaker.

But no matter who you are, you’ll get immediate access to 3 full on-demand courses, 222 video lessons, 18 assignments, 19 quizzes, 10 PDFs, 2 case studies, and a certification upon completion.

Alice and Bob Learn Application Security

Available in paperback, Kindle & Audiobook

Alice and Bob Learn Application Security is an accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development. This textbook is optional for this course and is not included as part of the price of this course. This book covers all the basic subjects such as threat modeling and security testing, but also dives deep into more complex and advanced topics for securing modern software systems and architectures. Throughout, the book offers analogies, stories of the characters Alice and Bob, real-life examples, technical explanations and diagrams to ensure maximum clarity of the many abstract and complicated subjects.

Topics include:

  • Secure requirements, design, coding, and deployment
  • Security Testing (all forms)
  • Common Pitfalls
  • Application Security Programs
  • Securing Modern Applications
  • Software Developer Security Hygiene  


We cover the essentials and give you the knowledge to take on AppSec with confidence.

What are you waiting for?

Meet your qualified instructor, Tanya

How can we describe Tanya in just a few words?

Tanya is passionate, driven and a force of nature. These characteristics have led her to become a leader in everything AppSec. While the list of her accomplishments is extensive, what Tanya is most proud of is how she continues to value diversity, inclusion and kindness through her success.  

Tanya now shares her decades of IT experience through educating others. She has compiled all her learnings from her career into a best-selling book and We Hack Purple’s valuable courses. 

Don't just take our word for it! See what our students have to say.

“I'd been trying to learn Application Security topics on my own, but We Hack Purple’s Application Security Fundamentals course made a lot of topics much clearer to me and helped me to understand what to prioritize when building an AppSec program. The lessons are short and easily "digestible" so that you can stop and resume as needed, without feeling like you have forgotten something. I highly recommend the course - and the book is absolutely essential!”


“I was building an AppSec program and went to a few workshops, but it always boiled down to “OWASP Top 10 = bad, this is XSS” Ended up disappointed ‘cuz there wasn’t anything I could use. Until I took the AppSec course from We Hack Purple which actually provided real value. So if you want to get into AppSec I highly recommend her online talks to get to know AppSec better and take her course if you want to seriously pursue a career in AppSec. ”


“What I enjoyed the most about the training was it was literally AppSec from the ground up. I don't work as an AppSec Engineer on my 8-5. This course gave me a realistic expectation and various scenarios I'd encounter in the day to day life of an AppSec engineer. It was really Tanya speaking from a place of experience and I felt like she was sharing it with me. The exercises and homework provided helps me be able to return back to my boss and lets me start getting into implementing the content in the course practically.”


“Things I learned from We Hack Purple AppSec Foundations: incident management, keeping an inventory of all the systems you've been assigned to, triaging what frameworks/stacks is each one running on, and the best part was building rep with the development team. I work as a software engineer on my day to day job so it really refreshing seeing what the security side needs to know and how I can be helpful to them in my role.”


“I enjoyed having a full-depth introduction to the world of Application Security. Although I already work in AppSec, seeing these concepts in a formatted way is not something I’ve seen before, and I learned a lot.”


““What I learned” Developer Education is key - creating awareness amongst the developer will really help in baking in security from the start. Metrics provide validation on how well the security posture of an organization is and its a must to help gauge where the organization stands and also helps in building a case with the management to get the security dollars and show them the value being provided.”