Secure Ideas’ Application Security Testing for PCI-DSS class focuses on web and mobile application and API flaws such as the OWASP Top 10. This class meets the requirements for developer training within the PCI-DSS. The students will explore SamuraiWTF and various targets to learn the techniques of penetration and security testing. We will also focus on the various vulnerabilities that affect applications and web APIs. The class will teach these vulnerabilities, such as XSS, CSRF, SQL injection, and others, from both the perspective of how to find them within an application and how to defend against the attacks.