def.dev: secure devel. trainings, the new school

def.dev development security training ups the ante on virtual education. Our veteran delivery crew and seasoned trainers bridge the gap to make remote courses just as effective as in-person sessions.

Our defensive development (hence the name def.dev, /dɛfdɛf/) courses are dedicated to helping teams and pros build and maintain secure software. Let's harden apps by strengthening security skills and through adopting practices that systematically reduce defects.

Catered to [senior/medior engineers, security champions, architects, testers, devops and junior devsecops/cybersec folks] by experienced appsec/defsecops authorities to expand individual careers and to harden deving teams by mastering the secure software production skills and practices.

▰ Take an online course:

Security code review workshop

from: Bud/virtual, time: TBA

All upcoming events

▰ Try a private one:

Browse our courses!

Learn-by-fixing Learn-by-fixing (testing and hacking)

We teach how to fish amid threats instead of giving lessons about the species of fishes in the OWASP Top 10. We make students engaged in the learning process by performing exercises. The trainers on stage demonstrate many practical aspects of hacking or defence practices and patterns. The students have to walk through many hands-on exercises, in teamwork or on their own. We preach Application Security Verification Standard (OWASP ASVS) and practicable knowledge. The theory is minimalistic, dressed into stories and built onto meaningful concepts.

Devel hardening Devel hardening

Let’s kill bugs early -- in developers minds and through adopting sticky devel practices that systematically reduce defects. Development is a collective process, our students become experts who improve secure coding and practices of their teams by importing the skills learnt off-site into their workplaces. Teams working together in real-life projects are welcome. The goal is to deliver security skills useful in the modern deving practice. Solo professionals are our first class guests also! See the management pitch below...

Let us hack your codes!) Let us hack your codes!)

Our twin project, secdev.eu is a hi-end service in auditing security quality of codes and improving S-SDLC practices. In case of private secure coding trainings we suggest to complete a workshop by reviewing production codes for security design and implementation problems together. We provide vulnerability audits and pentesting (VAPT) works the audit reports resulted from which can make subsequent trainings more meaningful for devs. We also help you to implement SKF, the security knowledge framework. Ask about the secdev.eu code audits!

The def.dev pitch for management

def.dev workshops are designed to significantly improve the security quality of the software production by mastering secure coding skills and through adopting sticky devel practices that systematically reduce defects.

We do trainings on Java/JEE, Javascript/React/Angular, Node.js, iOS/Android, C#/.net, C++, Golang, Python, Kotlin and PHP secure coding, IoT, docker, AWS and mainframe security, also S-SDLC (secdev playbook), CI/CD pipeline (security testing automation and vulnerability management) and even about testing w/ Burp for devs. Our courses are mostly structured around the OWASP Application Security Verification Standard (ASVS), and are based on cloud-hosted exercises and DIY tasks.

Features of the both public and private trainings:

Advanced and proficiency level courses. For dev professionals of senior and mid level, team leaders, security champions, architects and secengs.
Though we try to remain comprehensible and useful for any person interested in the development process.
We minimize lectures, we minimize the stuff developers forget by the second week. We do many demos and make students learn the material by hand with hacking and fixing codes, and with tabletop exercises in teams.
Intensive 1XL or 2-3 days delivery. Performance-oriented both on the stage and the floor.
We monitor the individual learning style of students.
Our trainers are practitioners with authority and have years of experience in enterprise software production: such as security testers who are good at coding or senior developers who learnt security testing and S-SDLC.

With the two formats of our public trainings, the hosted workshops and the theater trainings we try to achieve such quality and impact in training that the public ones can substitute private/onsite workshops:

Disruption free environment. (In contrast, in the atmo of their workplaces the on-site training attendees may keep tracking their project or even check out from the training to an important meeting.)
Professionals working together in real-life projects are welcome and we will change their practices. Teambuilding is a byproduct of the "teams hardening" we do.

At the theater trainings, our midsize events for 25+ students or 5+ teams from different companies:

The trainings are delivered by two trainers on stage simultaneously. We deliver staged performance, the interacting trainers enjoy the show, and the chemistry with the bigger audience is maintained.
The def.dev floor is structured into tables, we assist students to perform as groups, which makes students engaged and serves deeper and more practical learning.

Clients/visitors of public and private def.dev trainings were/are: ING Belgium/Netherlands, Payconiq, LogMeIn/LastPass/GoToMeeting/Boldchat, Ustream, JKU Institute für Netzwerke und Sicherheit, Siemens/evosoft, Nokia, GE Healthcare, Opera Software, SAP, Balabit, AEGON, KBC/KH Hungary, Vijfhart.

Check out further details in the respective sections below: the choice, the abstracts and topics of courses, announced events and the tickets guide.

Contact us at [email protected], dm us @defdeveu, or call, or use the assistance (google) form. See the support section.

Recommendations

After the top notch Mobile ASVS-based trainings Zsombor and the defdeveu guys delivered onsite, our LogMeIn team is looking forward to attending the next defsec training in Vienna.
This and other appsec courses conducted by Glenn, Timur and team have been part of our training program at LogMeIn for several years. They give our developers a great foundation and then strengthen those skills with engaging, hands-on practice. Thanks, defdeveu!

-- LogMeIn, Dr. Márk Vinkovits, Manager of Application Security

The courses/workshops

The menu: Java, Angular/React, iOS/Android, Swift, Kotlin, C#, C++, Golang and Hack/PHP secure coding, cloud/edge security, also S-SDLC (secdev playbook) and DevSecOps methodology, or CI/CD pipeline (security testing automation and vulnerability management) and even Burp for devs.

The def.dev trainings have been designed to significantly improve the security quality of the software production by mastering secure coding skills and through adopting sticky devel practices that systematically reduce defects.

See the catalog of our courses with details and agendas at def.dev/dir.

Our popular trainngs are:

Redbelt Champion Mobile workshops

: iOS hacking/devsec masterclass [red]

Fully virtual and fully hands-on, this course with a veteran mobile security expert aims to arm security champions, advanced developers, testers and pentesters with the skills, in-depth knowledge and battle-proven techniques necessary to exploit and test iOS applications. The boutique course also covers unique platform features and security services that make developers’ lives easier – and create new difficulties for penetration testers. Starting from the ground up, the course discusses the Cupertino philosophy towards security on the iOS platform, consequent approaches to security mechanisms, developer choices and associated risks. You’ll get a quick start on analysing iOS applications both statically and using a physical device (nevertheless, an up-to-date iOS 15 device will do just fine as a build target in Xcode). You’ll learn to add Frida and Burp to your tooling arsenal. Attendees will complete the course with all of the knowledge they need to get hands-on with real mobile application testing and take their skills even further. Click for details!

: Android hacking/devsec masterclass [red]

A hands-on course aiming to arm developers with the skills, in-depth knowledge and battle-proven techniques necessary to exploit mobile applications. The course also covers unique platform features and security services that make developers' lives easier – and create new difficulties for penetration testers. Starting from the ground up, the course discusses the underlying security philosophy of both major mobile platforms, consequent approaches to security mechanisms, developer choices and associated risks. You’ll get a quick start on analysing mobile applications both statically and using an emulator or physical device. Attendees will complete the course with all of the knowledge they need to get hands-on with real mobile applications and take their skills even further. Click for details!

Mobile development security [blue]

: iOS development security [blue]

Since we first delivered our iOS security course four years ago, we’ve consistently put effort into polishing it to perfection – and of course keeping it up to date with the newest trends on the platform. Most recently, we’ve incorporated a wealth of practical exercises (re)written in Swift. The advanced level course covers the foundations of security on iOS, as well as each chapter of the Mobile Application Security Verification Standard (OWASP MASVS). Besides an exciting exploration of the real-life hacker experience through Black Hat / DEF CON talks and popular podcasts, we engage participants with stories, labs, quizzes, and two off-the-schedule facultative classes (on-demand). Click for details!

: Android development security [blue]

Five years in the making, we’ve continued to develop and polish our Android security course, with the incorporation of a huge bundle of practical exercises rewritten in Kotlin being the latest addition. As with our iOS course, this advanced level course covers the foundations of security on the platform alongside comprehensive coverage of each chapter of the Mobile Application Security Verification Standard (OWASP MASVS). Participants will explore the real-life hacker experience through Black Hat / DEF CON talks and popular podcasts and garner hands-on experience through a variety of stories, labs, quizzes, and two off-the-schedule facultative classes (on-demand). Click for details!

WebApp/API development security

: Webapp & API general fundamentals

Our Webapp & API security workshop covers both the basics of secure coding and framework-specific skills. It stands above other courses like it — expect 3 days of intense hands-on learning, with many topics on the table. The basics are explained using a platform-agnostic approach and examples in Python; students can also learn platform/framework related patterns in their framework of choice (eg. Node.js). The course covers both offense and defense: detecting and exploiting vulnerabilities, finding them in the source, and – most importantly – mitigating them and preventing them from the start by applying secure development patterns. Click for details!

: Secure development in Java/Kotlin

Our Java/Kotlin security workshop covers the fundamentals of secure coding in the Java environment. Throughout the course, developers will deep dive into the custom-built labs and sample applications. We believe that developers understand security concepts best within the context of their preferred programming languages, libraries and frameworks, so we offer a variety of exercises and examples to fit your company's particular toolset. With these tailored labs, we create actionable knowledge that enables the developers to improve the security quality of their code from the very earliest stages of development. Click for details!

: Security champions bootcamp

This training course introduces developers to Secure Software Development Life Cycle (S-SDLC) methodologies and practices and provides a clear strategy for recognizing insecure patterns using various technologies (mobile and web) and programming languages. Attendees will familiarize themselves with commonly-used security tools, exploit vulnerabilities in real code, create a fix based on the OWASP ASVS, mASVS (for mobile) and SKF recommendations and validate the effectiveness of their solution. Click for details!

'DIY security testing' series

: WebAppSec testing/fixing

Practice-changing impact, long lasting security knowledge and skills -- are the expected outcomes of this new-school webapp security training. This is a training with minimum lectures and all focused on hands-on exercises. We start off with some understanding of secure development and the secure coding principles. Then we do basic hacking challenges and move gradually to the advanced topics, but after that we do exercises that are about fixing vulnerable code. The attendees will have after this course a vast set of actionable knowledge and practise to be used straight away. Click for details!

: Burp suite for testers and developers

This workshop provides testers and developers with an overview of how the Burp Suite can be used for web testing. Even though Burp is primarily designed for penetration testers, its sophisticated feature set also makes it a great tool for anyone doing general bug hunting in web applications. Participants will gain a general understanding of how web applications work under the hood, how to use Burp for troubleshooting and how to utilize its toolset to re-create error conditions through manual HTTP traffic manipulation. In the final steps, we'll take an in-depth look into how to leverage the Burp API through Python in convoluted scenarios. Click for details!

Testing automation

: Mobile testing automation

Mobile security test automation workshop focuses on how to set up security test automation in your CI/CD pipelines. But also how to create an agnostic pipeline approach that works over different CI tooling. Build once, run everywhere! In the course we will in depth cover different security tooling for mobile software development. We cover static analysis tools and dynamic analysis tools, and in what stages of development to introduce these tools. By learning the tools that the hackers will run against your application, we will learn how to create more robust and hardened applications. Click for details!

Browse the full catalog!

The upcoming events

With the two formats of our public trainings, the hosted workshops and the theater trainings we try to achieve such quality and impact in training that the public ones can substitute private/onsite workshops.

We minimize lectures, we minimize the stuff developers forget by the second week. We do many demos and make students learn the material by hand with hacking and fixing codes, and with tabletop exercises in teams.
Intensive 1XL or 2-3 days delivery. Performance-oriented both on the stage and the floor.

(Also check out our past events.)

Interested in having a private def.dev training at your company? Contact us regarding the onsite def.dev courses.

Vienna, TBA

iOS/Android development security

Vienna, advanced intensive training, 2 combined tracks

Earlybird €1250 €1750 single track (platform) or €1750 €2250 for both tracks [per seat]

timing/ days: TBA [Wednesday-Friday in September]
3 days event; D1: full, D2: am: ios, pm: android, D3: am: android, pm: ios
venue/ seats: TBA
[max 12 tables]
trainers: Zsombor Kovács,
agenda: Android agenda iOS agenda
language: English

The manifesto

the developers are the key players of the software security at the end of the day, not the auditors

Secure software development is a professional field which has not many dedicated events yet, and especially not many events which educate and improve developers. Meanwhile the developers are the key players of the software security at the end of the day, not the ethical hackers or auditors.

Our ambition is to establish the #1 European event of the "securely developing" professionals. Our training events are purely about educating and improving our visitor developers and other professionals involved in the ssdlc.

def[dev]eu is a developers trainings series, it's not a hacking show, nor is it about boring security preaching. We are structured, practical, entertaining, and we see the challenge with the eyes of a software engineer.

"As an active hacker and penetration tester, I came to the conclusion that for most mobile application tests, application developers commit the same mistakes over and over again. The overall security posture of the published mobile applications could be significantly improved if the developers were aware of techniques, tools and methods used by real attackers and this knowledge should be used throughout the entire SDLC process. How differently would developers work if they had the opportunity to see their app through a hacker's eyes? "
-- Zsombor

The trainers

When leading security specialists come together on stage, be prepared to take in a wealth of online security knowledge

Zsombor Kovács

Zsombor Kovács is a security specialist with many years of hands-on experience in penetration testing in Budapest, London and Zürich. Besides penetration tests performed on mobile devices (both iOS and Android), his main focus is application and infrastructure evaluation. Zsombor conducts penetration tests and malware analysis on a daily basis. He found vulnerabilities in all sorts of Android and iOS applications from e-banking and telecommunication to document management, to MDM software. He also has been involved in projects dealing with incident response, forensic engineering, reversing, physical security and social engineering. Zsombor is keen on everything related to hacking from finding bugs in mobile applications to devsec consulting, to lock picking and RFID hacking and exploring the human psyche.

Zsombor is involved in secure development trainings on both mobile platforms, malware and pentesting.

From the trainings record of Zsombor:
LogMeIn, GoToMeeting, 1611BUD, 1805VIE, 1906BUD

Péter Nyilasy

Péter has been doing enterprise web application development for more than a decade now mainly for financial institutions. He has exceptional knowledge of and strong experiences with Java and JEE, and also with several Javascript frameworks. In the recent years Péter turned to software security and does secure development consulting, ASVS-based application audits with secdev.eu and is a resident trainer with defdev.eu.

Meanwhile he stays current with the software production internals working also as a freelance software engineer. Péter also teaches Java for developers.

Marek Zachara

Marek Zachara graduated with MSc degree in Electrical and Electronic Engineering from University of Bristol, UK in 2000 and received his PhD in Computer Sciences in 2008 from AGH UST, Poland. He is assistant professor at AGH University of Science and Technology in Krakow. Since 2008 Marek have been working with Securing on security audits and development of tools and methods for security assessment.

For over five years he has been involved in a number of research activities centered around software quality and security, with special focus on simulation and analysis of users behavior.

The def.dev events are delivered with many other enthusiastic and professional people helping our students on the floor and behind the scenes.

Archive/pre-covid public events

Budapest, 1906 (done)

Burp for testers and developers

Budapest (HU), one-day intensive training

Early tickets till MAY31:
€470 net (148KHUF+VAT)
Final price:
€580 net (185KHUF+VAT)/seat.

description:

The purpose of the workshop is to provide testers and developers an overview how the Burp suite can be used for web testing work. Even though Burp is primarily designed for penetration testers, its sophisticated capabilities can come handy for everyone whose job is to perform general bug hunting in web applications.

timing/ days: '19 June 13 (Thu), 9:00-18:00
1 XL day (7hrs education time)
venue/ seats: Green Fox Academy
15+
trainer: Zsombor Kovács
agenda: course desc.
language: English

* Note: there is also 'WebAppSec testing/fixing' workshop the following day.

Budapest, 1906 (done)

WebAppSec testing/fixing

Budapest (HU), one-day intensive training

Early tickets till MAY31:
€470 net (148KHUF+VAT)
Final price:
€580 net (185KHUF+VAT)/seat.

description:

timing/ days: '19 June 14 (Fri), 9:00-18:00
1 XL day (7hrs education time)
venue/ seats: Green Fox Academy
15+
trainer: Glenn ten Cate
agenda: course desc.
language: English

* Note: there is also a Burp workshop the previous day.

Budapest, 1904 [past]

Secdev in Java
(Spring-flavored)

Budapest (HU), 2-days workshop

description:

The two-days Java secure development workshop will cover the fundamentals of secure coding in Java (extended with some Spring particulars). We will teach the most important webapp vulnerabilities from the perspective of a developer. Participants will learn how to find vulnerabilities during testing, how to recognize those within the source-code, how to avoid and mitigate those.

timing/ days: '19 APR25-26
venue/ seats: LogMeIn Labs, Budapest
15+
trainer: Péter Nyilasy
agenda: course desc.
language: Hungarian

Tel Aviv 1905 [cancelled]

Mastering holistic WebAppSec

Cancelled due to low demand.

description:

Practice-changing impact, long lasting security knowledge and skills -- are the expected outcomes of this new-school webapp security training. The course is inclusive: the developers learn application security and hacking, improve their professional skills and are also introduced to the security design patterns for fixing the code. In the modern development process security testing is something shared among developers, devops, testers and auditors -- this mingled situation we recreate during exercises.

timing/ days: was planned to
'19 MAY27-28
venue/ seats: OWASP Global AppSec
~15
trainer: Glenn ten Cate
agenda: course desc.
language: English

Budapest, 1903 [past]

Péter Nyilasy

JavaScript secdev

Budapest (HU), one-day intensive training
1 XL day (7hrs education time)

description:

The one-day javascript security training will cover the fundamentals of secure coding in javascript. We will teach the most important web vulnerabilities related to javascript from the perspective of the developer. They will learn how to find vulnerabilities during testing, how to recognise them within the source-code, how to avoid, and how to mitigate them.

timing/ days: '19 MAR21
venue/ seats: One Identity Balabit HUB
15+
trainer: Péter Nyilasy
agenda: course desc.
language: Hungarian

Vienna 1805 [past]

Android secdev & test automation

Vienna/Wien (AT), intensive training, 1 track, 2 topics

description:

All classes were tuned for advanced audience (mostly comprehensible for juniors though). The Android secure development and coding classes followed the OWASP Mobile ASVS sections. The quarter of the course was dedicated to the integrated security testing automation and vulnerability management in the CI/CD pipeline (we introduced a ready to implement solution).

dates: '18 MAY31-JUN01
venue: MuseumsQuartier Wien [4 tables]
trainers: Glenn ten Cate, Zsombor Kovács,
Riccardo ten Cate
course: Android+CICD agendas
days: 2 days event

Budapest 1611 [past]

Secdev mastering & S-SDLC & Mobile

Budapest (HU), basic to advanced training, 1 track, 3 topics

description:

Our pilot event was in 2016 in Budapest where the idea of the project was born. The agenda in reverse order was as follows: The third day was a real tidbit, when secdev management practices were evaluated eg.: Secure SDLC and AppSec Management, DevOps security, Security testing, SIEM (Security Information Event Monitoring), IAM and the mobile application security from a defensive point of view. On the previous day, Jim and Glenn mastered the developers’ secure coding skills through modules like HTTP security, HTTPS/TLS best practices, Input validation, serialization, Solving input injections, CSRF and Clickjacking defense, Webservices security, AngularJS security. All these module required an advanced knowledge of the field. The entry level knowledge to these modules we delivered on the first day. So with those two first days def.dev provided a complete secure coding course.

dates: '16 NOV17-19
venues: Marriott Courtyard Budapest City Center, Hotel Gellért [55-75 visitors]
trainers: Jim Manico Glenn ten Cate, Zsombor Kovács,
days: 3 days event; D1: secdev preps, D2: secdev mastering, D3: s-sdlc and mobile
promo: event trailer on youtube

Our distinguished clients

Our sponsors

Our partners

For sponsors

def[dev]eu events provide a unique opportunity for the secure development tooling and services providers to get in touch with developers and team leaders from cool European development teams and IT departments

Assistance,
feedback, questions

For assistance and questions contact our support!

[email protected] select/copy assistance form google form
@defdeveu direct message us +36309225777 11am-8pm Berlin time

Do not hesitate to ask questions, request assistance, call for support, ask about the courses, discounts, invoicing, payment options, team tickets, visa support, hotels, etc.

We also understand that buying expensive tickets still requires a decision making process, even if our trainings are superior. ,)

We suggest you walk through the following steps:

Start with our pitch above
If the flow requires involving others, we suggest you share that pitch: https://def.dev/#pitch
Check out the upcoming events (https://def.dev/#upcoming)
Review the catalog of our courses, details and agendas (https://def.dev/dir)
Some details about booking tickets are clarified right below (https://def.dev/#tickets)
Don't hesitate to contact us on the above channels: assistance form, email, twitter dm or call (https://def.dev/#support)

Tickets guide for the public trainings

The tickets flow in short

Booking: Alice books tickets for Bob and Eve or herself (via a corresponding google form) -> Alice gets a VAT invoice in email from def.dev to pay and pays via wiretransfer or Paypal -> Alice gets voucher(s) in an email ->
Enrollment: Bob and Eve (or Alice) use their personal vouchers to enroll (via a corresponding google form) -> done.
[Alternatively] Fast booking/reservation: If you are an individual visitor, you can also pay €50 now to reserve your seat, and pay the rest cca. 3 weeks before the event.

Booking

Use the corresponding booking form to indicate your order (the 'book tickets' button/tab on the event page will ignite a link similar to defdev.eu/e/1905.vie.xxx/book which will redirect to the google form).
It doesn't matter at this step whether you book a seat for yourself or seats for others.
When booking please check the header of the form for details and instructions.
Upon receipt of your booking form we will contact you in email.
We send you an invoice when all the particulars are clear for us and confirmed on your side.
Upon receipt of payment we send you vouchers, one voucher per seat (visitor).
The vouchers are 6 characters codes.
If your were helping your colleagues to book their seats, you forward the vouchers one-by-one to the eligible individuals.

Enrollment

The enrollment form is available via the 'Enroll w voucher' tab on the event page.
The enrollment link is something similar to defdev.eu/e/1905.vie.xxx/enroll which will redirect to the google form.
A visitor enrolls herself to the course using her personal voucher code at the corresponding form.
When the event is approaching we will contact the enrolled/registered visitors with a so called "student's doc" which will contain all the details of the course. May that document not be shared with a student/visitor 5 days prior the event, please alarm us at the above channels!

Fast booking/reservation

May the above corporate flow not fit your situation, you can choose to pay €50 now as a deposit to reserve your seat at the price of today, receive your invoice, and pay the rest cca. 3 weeks before the event.

Hit the 'Reserve fast (€50 deposit)' button/tab on the event card. Pay that deposit instantly at PayPal / with any debit/credit card.
We will contact you in email within a day to confirm your reservation.

What payment options are available?

Wiretransfer (SEPA/SWIFT/Wise), online card payment (Visa, Master, etc via Revolut), Paypal-to-Paypal.

What VAT rate applies/payable/included/excluded?

In case of EU VAT subjects (except the Hungarian businesses) and of non-EU clients the rate is 0%.
Thus ticket price of €1000 is net 1K + 0 VAT payable.
For all the other clients -- EU individuals and Hungarian companies -- the VAT is 27%, and is NOT included in the announced ticket prices.
Thus the announced ticket price of €1000 means €1'270 payable for them (including VAT).
Note: special fiscal/taxation regulation cases may apply.

Are the tickets refundable?

We refund the price you paid with deduction of a €50 cancellation fee per seat when cancellation is requested by a client latest on the 32nd day prior the event. In case of the later requests we are ready to suspend and reassign your order to an other training (€50 re-booking fee per seat applies).

Why is that weird note at the event card: "In the unlikely case of low demand this training can be gracefully cancelled..."?

One of the standard conditions of our public trainings is that the booked tickets are to cover the costs. If on the 32nd day prior to the event we see that the announced training may end up in losses then we may cancel it with full rollback. All parties retire back to square one. You as the client get full refund of the money transfered for the tickets of the cancelled event.

Who issues the invoices and is the beneficiary of payments?

azd.security Kft., Budapest, Hungary
VAT: HU13804079, Estd: 2006, EU ID: HUOCCSZ.01-09-874089 [in Hungarian only, but the official registry, pass the captcha first]
PayPal merchant ID: FUBRZGH72QGZQ

eezza Kft., Budapest, Hungary
VAT: HU12099265, Estd: 1996, EU ID: HUOCCSZ.01-09-465607

We require special kind of invoice due to our local regulations, is it possible to get such?

Sure! Let's arrange that at the booking stage.

FAQ

What is the difference between development security and secure coding?

We prefer to tag our development security courses as "devsec", but usually this type of courses are referred to as secure coding courses, or application security, or secure development courses. In our view, the devsec is a broader field than just secure coding, it includes S-SDLC. S-SDLC is not about coding but methods, approaches, practices and tools. It's also DevSecOps without Ops.

What kind of training can an attendee expect? Is it a hands-on training with computer labs or is it more like talks about certain topics?

The lectures are trimmed down, we deliver many demos and sustain involvement of the students with hands-ons and tabletops.

With what equipment should a student visit the trainings?

Bringing your own deving device (laptop) is the prerequisite. The device you use for hacking your code.

I would like to make a def.dev event in my city, is it possible?

def.dev is open for cooperation with local professionals. def.dev has strict rules of quality and format. Please contact us.

Is lunch included in the ticket price?

Unless otherwise indicated on the event card -- no. We supply some snacks, non-alcoholic drinks and coffee most of the times.

Dress code?

No dresscode.

For press

EN

Glenn ten Cate and Timur Khrotko introduce def[dev]eu, the defensive development education and mastering project. The def[dev]eu training events series is dedicated to helping developers and other professionals involved in the S-SDLC build and maintain secure software. The def.dev events are popping up in different European locations.

The first defdeveu was held in November 2016 in Budapest together with Jim Manico.

See you in Vienna, Amsterdam, Berlin or Kraków, and stay tuned for the continuation of the def.dev series! https://def.dev https://twitter.com/defdeveu