There are 5 levels organizational maturity when approaching web application security.  Organizations that have progressed to the proactive level (see slide below) realize that to reach the managed level they must consider security during the entire SDLC, beginning in the design phase.

Who is this seminar for? Software architects working on application design and environment definition.

Seminar format?  10 classes normally delivered 1 day/week for  10 weeks.

Expertise level? 400 Level.  Attendees are assumed to have knowledge of the SDLC and software core concepts such as authentication, authorization, object-oriented design, etc.

Topics covered?

   Class 1: Threat and attack methods
   Class 2: Assurance; Security requirements and specifications
   Class 3: Planning
   Class 4: Trust Realms, communications and storage
   Class 5: Operational considerations, maintenance, and recovery
   Class 6: Access Control
   Class 7: Authorization
   Class 8: Transactional issues
   Class 9: Distributed Systems
   Class 10: Methodologies

The complete seminar description can be found here.