top of page
Azure Application Security (CAWASP)
Azure Application Security (CAWASP)
 
Course Description
Azure Application Security (CAWASP) is a specialized training program designed to teach developers, security engineers, cloud architects, and DevOps professionals how to secure applications running in Microsoft Azure. This course focuses on modern cloud security principles, application hardening techniques, and Azure-native services that help protect against evolving threats across web, API, and microservice architectures.
 
You’ll learn how to secure authentication and authorization flows, implement least-privilege access, safeguard secrets, defend against common vulnerabilities, and apply secure development practices aligned with OWASP guidelines. The course also explores Azure tools such as Azure AD, Key Vault, App Service security features, Azure Firewall, WAF, Defender for Cloud, API Management, and managed identity.
 
Through hands-on exercises and real-world security scenarios, you’ll gain the knowledge to design, implement, and maintain secure application environments in Azure while complying with organizational and regulatory requirements.
 
What You’ll Learn
Cloud & Application Security Foundations
  • Core principles of Azure application security
  • Mapping OWASP best practices to Azure cloud services
  • Understanding identity, access control, and Zero Trust design
 
Identity & Access Protection
  • Securing apps with Azure Active Directory and managed identities
  • Implementing OAuth2, OpenID Connect, and RBAC
  • Enforcing conditional access and MFA for sensitive operations
 
Secrets, Keys & Sensitive Data Protection
  • Using Azure Key Vault for secrets, certificates, and key management
  • Encrypting data in transit and at rest
  • Implementing secure configuration management
 
Application Layer Security
  • Protecting APIs with Azure API Management
  • Preventing common attacks such as injection, XSS, CSRF, SSRF
  • Securing microservices, containers, and serverless applications
 
Infrastructure & Network Security
  • Configuring Azure Firewall, NSGs, and Private Endpoints
  • Hardening App Service environments
  • Implementing WAF policies for threat detection and mitigation
 
Monitoring, Detection & Compliance
  • Using Defender for Cloud for threat monitoring and security posture management
  • Responding to alerts and remediating vulnerabilities
  • Applying secure DevOps and CI/CD scanning practices
 
Who This Course Is For
  • Application security engineers
  • Cloud engineers and architects
  • Developers securing Azure-hosted applications
  • DevOps professionals integrating security into pipelines
  • Anyone implementing OWASP-aligned protections in Azure

Azure Application Security (CAWASP)

    bottom of page