Work Smarter, Not Harder.

Stretch beyond your resources.

It’s no surprise that AppSec professionals are greatly outnumbered by security professionals and developers in the workplace. There’s only so much that one person can do, before you have to consider how to work smarter, and scale your efforts. In this course, we go over tried and tested strategies to create a culture where security is top of mind across all departments. Level 2 has over 3.5 hours of video time and multiple quizzes and assignments.
  • Developer Education

    Harness the power of the masses by sharing your valuable knowledge with developers in your organization.

  • Advocacy and Security Culture

    Empower leaders and security champions to spread a positive security culture and really scale your program.

  • Metrics and Improvements

    Understand where the fire is by making data driven decisions through the metrics you measure in your program.

Course curriculum

  • 1
  • 2

    Your Goals From AppSec Foundations Level 1

    • Setting and Reaching Program Goals

    • Goal Assignment

    • Goal Assignment PDF

  • 3

    Scaling Your Team and Your Program

    • Why do we scale?

    • Security CHAMPIONS

    • Coaching

    • Partnership Model

    • Delegation

    • Automation

    • Scaling Assignment

    • Scaling Assignment - PDF

    • Scaling Your Team: Quiz

  • 4

    Developer Education

    • Why do we need to educate Software Developers?

    • Methods of Education

    • When and Where will they learn?

    • Who do you teach?

    • Topic Selection

    • Developer Education Assignment

    • Developer Education Assignment PDF

    • Developer Education: Quiz

  • 5


    • What is Advocacy?

    • Principals for success

    • Tips for teaching adults

    • Advocacy Assignment

    • Advocacy Assignment - PDF

    • Advocacy: Quiz

  • 6

    Tips for Teaching Adults

    • TIPS 1 - Tell them what you are going to tell them

    • TIPS 2 - The Why

    • TIPS 3 - Too much on one slide

    • TIPS 4 - Practice your Talk

    • TIPS 5 - Telling Stories

    • TIPS 6 - Reading Slides

    • TIPS 7 - Say thank you

    • TIPS 8 - Provide Links

    • TIPS 9 - Making Mistakes

    • TIPS 10 - Overloading your audience

    • TIPS 11 - People taking photos

    • TIPS 12 - People on their phones

    • TIPS 13 - Jargon and Acronyms

    • TIPS 14 - Clapping

    • TIPS 15 - Large Text

    • TIPS16 - Drink water

    • TIPS 17 - History Lesson

    • TIPS 18 - Diagrams and Imagery

    • TIPS 19 - Never be condescending. Ever.

    • TIPS 20 - Conclusion

    • We offer Live training too!

  • 7


    • Metrics, Improvement and Data

    • Metrics vs Reporting

    • Measurement

    • Calculating In-House Risk

    • Metrics that Matter

    • Incident metrics that matter

    • Tools for measurement

    • Metrics Assignment

    • Metrics Assignment - PDF

    • Metrics: Quiz

  • 8


    • Using Metrics for Improvement

    • Improvement Case Study - Video Explanation

    • Improvement Case Study - PDF

    • Improvement Assignment

    • Improvement Assignment - PDF

    • Improvement: Quiz

  • 9

    Updating Your Goals and Plan

    • Reaching Your Program Goals

    • Goal Case Study - Video Explanation

    • Goal Case Study - PDF

    • Final Project

    • Goal Assignment - Final Project - PDF

  • 10


    • Optional Program Textbook: Alice and Bob Learn Application Security

    • Measure What Matters: How Google, Bono, and the Gates Foundation Rock the World with OKRs

  • 11


    • Summary

    • Conclusion

    • Thank you!

    • Feedback for We Hack Purple

Increase Your Impacts Now!

Take your AppSec program to the next level.

Meet your qualified instructor, Tanya

How can we describe Tanya in just a few words?

Tanya is passionate, driven and a force of nature. These characteristics have led her to become a leader in everything AppSec. While the list of her accomplishments is extensive, what Tanya is most proud of is how she continues to value diversity, inclusion and kindness through her success.  

Tanya now shares her decades of IT experience through educating others. She has compiled all her learnings from her career into a best-selling book and We Hack Purple’s valuable courses. 

Don't just take our word for it! See what our students have to say.

“I was building an AppSec program and went to a few workshops, but it always boiled down to “OWASP Top 10 = bad, this is XSS” Ended up disappointed ‘cuz there wasn’t anything I could use. Until I took the AppSec course from We Hack Purple which actually provided real value. So if you want to get into AppSec I highly recommend her online talks to get to know AppSec better and take her course if you want to seriously pursue a career in AppSec. ”


“What I enjoyed the most about the training was it was literally AppSec from the ground up. I don't work as an AppSec Engineer on my 8-5. This course gave me a realistic expectation and various scenarios I'd encounter in the day to day life of an AppSec engineer. It was really Tanya speaking from a place of experience and I felt like she was sharing it with me. The exercises and homework provided helps me be able to return back to my boss and lets me start getting into implementing the content in the course practically.”


“I'd been trying to learn Application Security topics on my own, but We Hack Purple’s Application Security Fundamentals course made a lot of topics much clearer to me and helped me to understand what to prioritize when building an AppSec program. The lessons are short and easily "digestible" so that you can stop and resume as needed, without feeling like you have forgotten something. I highly recommend the course - and the book is absolutely essential!”