Secure Coding Courses
At Secure Coding Academy we have a dream, a vision of a safe and secure IT world,
where all software engineers will know how to write secure code.
Educational Program
Get in touch today so we can tell you why companies around the world trust us to
educate their entire pool of software professionals
Tailored Content Onsite Delivery Everywhere
Through the real life application on the first day I already recognized a security threat in our project which would allow access to some sensitive files.
January 2018, Zagreb, Croatia
All examples are highly applicable in real world (in my work).
January 2018, Zagreb, Croatia
It was a really wide overview of the complete security area, with all the use cases provided in the course.
January 2018, Zagreb, Croatia
The examples were neatly put together and gave us the basic feel of how it looks when trying to bypass security.
January 2018, Zagreb, Croatia
I could relate to the real world examples and exercises.
January 2018, Zagreb, Croatia
The topics were interesting and the trainer was presenting them very well - he was also very enjoyable to listen to.
January 2018, Zagreb, Croatia
I learned about some vulnerabilities I was not so familiar with before, like object deserialization and XXE.
January 2018, Zagreb, Croatia
The high-quality documentation to track the material provided a broad overview over several security aspects, and is well usable to deep dive into the subject.
January 2018, Erlangen, Germany
The exercises were not spoon-fed. We had to apply the learned material to solve.
February 2018, Minneapolis, MN, USA
The exercises were vital to developing a clear working understanding of the concepts.
February 2018, Minneapolis, MN, USA
The cheapest and the most effective way
to do software security is through training
It's Your choice
Your programmers work hard each day...
...to produce vulnerable code
Resulting in hundreds of security bugs yearly...
...to test
...to find
...and to correct
Our research lab can help in this case tooSend them to one of our secure coding training
And they start...
...to write secure code
from their next working day
Start trainingSecure coding courses
The entire security development life cycle (SDLC) covered
Scademy is your
global training provider
Get practical secure coding skillS that you
can apply on your next working day
Be up-to-date on latest attack methods
and mitigation techniques
Hands-on-exercises that come with
real-life hacking fun
On-site training
and educational programs
Individual enrollment
to an open session
On-line introduction
to secure coding
Tests at the Hungarian Search-Lab on DNS-320, DNS-320L, DNS-327L and DNR-326 units using 30-07-2014-dated firmware yielded more than 50 vulnerabilities, including authentication bypasses and something the lab says looks like a backdoor.
Read more on
A security bug in a backup mechanism of the Android operating system can be exploited to install malicious apps on vulnerable devices, researchers have warned.
Read more on
SEARCH-LAB discovered several vulnerabilities in the Android Open Source Project end of last summer. They were responsible disclosed to the Android security team and now that the fixes are deployed, will be revelead for the public.
Read more on
OpenSSL version 1.0.1g and earlier - as well as all software that integrates these versions of OpenSSL - are vulnerable to stack overflow caused by infinite recursion in the code establishing DTLS client connection, allowing remote attackers to perform denial of service. The vulnerable code is located before the SSL handshake takes place, but it might be triggered after the handshake as well. This vulnerability was discovered and researched Imre Rad from SEARCH-LAB Ltd.
Read more on
SEARCH-LAB Ltd discovered another security issue threatening LG Smart Phone users: malicious attackers controlling the network are able to install arbitrary applications on victim handsets.
Read more on
In November 2014, SEARCH-LAB Ltd. discovered a security vulnerability in multiple computer applications that are used to generate and validate digital signatures, which are applied within the official Hungarian government processes. The vulnerability affected the „e-akta” signed document file format, where a file with a valid digital signature could be manipulated in a way that the verification software indicated a valid signature while it displayed a different document than the original.
Read more on
A malicious attacker is able to bypass the authentication phase of the network communication, and thus establish a connection to the On Screen Phone application without the owner’s knowledge or consent. Once connected, the attacker could have full control over the phone – even without physical access to it. The attacker needs only access to the same local network as the phone is connected to, for example via Wi-Fi.
Read more on
Dealt with various fields of IT security from his early years, from bit-level analysis of computer viruses up to the security organizational issues of multinational companies. Spent eight years as development director in the anti-virus industry, more than a decade in security research at the Budapest University and Technolgy, and founded several startups in the security domain, including SCADEMY Secure Coding Academy.
Join our globally growing team
Become our trainer
