// course_file
Cybersecurity · Cohort (evenings)
Security Basics for Builders
Threat modeling drills for people who ship automations and internal tools.
5.400.000 ₫ · 4 weeks · Beginner
Schedule: Evening Certificate of completion
Languages: English, Vietnamese captions
Overview
You will not become a pentester here. Instead you learn to read CWE summaries, log meaningfully, and escalate responsibly. Labs include broken-by-design mini apps.
Included modules
- STRIDE whiteboard sessions
- JWT misuse gallery
- Secrets hygiene checklist
- Two guided threat models
- Responsible disclosure template
- Office hours on OWASP ASVS excerpts
- Capstone: annotated architecture review
Outcomes
- Complete a STRIDE worksheet for one internal app
- Draft a secrets rotation memo
- Run a 10-minute security stand-up agenda
Lead mentor
Anh Vo
Appsec consultant supporting banks and edtech marketplaces.
FAQ
No exploitation frameworks. We discuss concepts and safe reproduction steps only.
Participant notes
“JWT misuse gallery made our retro less abstract. Still wish we had one more session on supply chain, but the reading list covers it.”