Labs

Insecure Modes of Encryption

Authenticated Encryption with AES GCM

RSA Optimal Asymmetric Encryption Padding

Signatures with Asymmetric Encryption Algorithms

One-Way Hashing vs. Key Stretching

Course Content

Deep-Dive Cryptography

Symmetric and Asymmetric Ciphers

Block and Stream Ciphers

Hands-on: Modes of Encryption – Best Practices

Hands-on: Padded oracle attack and defense

Hands-on: Asymmetric Encryption and RSA-OAEP Padding

Key Management Essentials

Secrets Management Deep-dive

Secrets Management in the Cloud

Secrets Management with Vault

Hands-on: Implementing Secrets Management with an App and Vault

Hands-on: Dynamic Secrets with Vault

Other Secrets Management Best Practices

One-way hashing & Key Stretching

Hashing Concept Overview

Hashing and Why you should NOT be using it to protect passwords

Introduction to Key-stretching Algorithms:

BCrypt and SCrypt

PBKDF2

Argon2

Cryptography in its many forms has been around for centuries, storing and protecting secrets and confidential information. Data encryption today is simply an advanced form of this, using ciphers, algorithms and keys to securely store data. Given that nearly all applications store some form of sensitive user data, it’s imperative that they use effective methods of cryptography to properly secure this information.

Introduction to Web App Cryptography takes you on a deep-dive of cryptography and cryptographic implementations. You’ll learn about symmetric and asymmetric ciphers, block and stream ciphers, encryption best practices and the essentials of key management.

With the help of hands-on labs, you’ll learn about insecure cryptographic implementations in ECB mode. We’ll even talk about one-way hashing, comparing it to ‘Key Stretching’ algorithms. Finally, you’ll learn about the essential elements of good secrets management.

The training material, labs and video content are all specially designed by AppSecEngineer for this course. What you’ll find here is a distillation of years of security testing experience, knowledge, and original research across our entire team. It’s why we’ve put such a strong focus on real-world techniques, challenges and scenarios that you’ll be able to directly use to secure applications today.

Intermediate

4
Hours
22
Lessons
5
Cloud Labs
learning path:
Application Security Essentials

Introduction to Web App Cryptography

Ideal for
Developer
Security Architect
Pentester
Security Champion
Security Engineer
Get Started

You might also like these courses

Or explore these Learning Paths

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
Copyright AppSecEngineer © 2025