Get in touch

Manicode Security
POB 676
Anahola, HI
(808) 652-3805


Learn to



At Manicode Security 100% of our focus is teaching your developers to write secure code. We bring a combination of passion, style and years of research into all of our education offerings.

contactmore info




Our education programs are designed for any web developer, architect, security professional or other software development professional who needs to build and maintain secure software.

About Our Bootcamp

Build Your

Own Custom


We help you to build a custom class on secure coding from our large selection of learning modules. These include HTTP Basics, Authentication Best Practices, Access Control Design, XSS Defense, CSRF Defense, Safe File I/O and many more.

More Info

Learn to secure your applications!

The major cause of insecurity is the lack of secure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects. Jim’s classes are a combination of lecture, security testing demonstration and code review.


Web Apps


Mobile Apps




Native Apps


Web Apps


Mobile Apps




Native Apps

What you will learn

Students will learn how to code secure web solutions via defense-based code samples. As part of this course, we will explore the use of third-party security libraries and frameworks to speed and standardize secure development. We will highlight production quality API's from various languages and frameworks that provide production quality and scalable security controls. Jim offers custom onsite developer training which pulls from the following topics:

HTTP Security
Injection Defense
Access Control
XSS Defense

Content Spoofing
HTML Hacking
Access Control

Applied Crypto Basics
Mobile Security
SDLC & Architecture
App Intrusion Detection
Webservice Security
HTML5 Security

Multi-Form Workflows
Intro to Threat Modeling
OAuth Best Practices
File Upload Security
Spring Security
Angular Security

Who should attend?

Any web developer, architect, security professional or other software development professional who is tasked with building secure web applications, web services or mobile applications.

Logistics requirements

Students should bring a basic laptop, tablet or smart phone that can read a PDF. The courseware will be distributed digitally. Any stardard PC or Mac is necessary for lab-centric classes.

1 Day Class Sample Schedule

10 am   HTTP Basics, SQL Injection
11 am   Authentication
12 pm   XSS Defense, CSP
1 pm   Access Control Lunch
2 pm   Cross Site Request Forgery
3 pm   Applied Crypto Basics
4 pm   App Layer Intrusion Detection
5 pm   Webservice/Mobile Security

Selected talks from Jim

Jim Manico is a respected speaker at security conferences

Want to learn more?

Let’s have a chat!

inquire now


The Professor

Jim Manico – Author, Speaker, Consultant

  • Bio

    Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also the founder of Brakeman Security, Inc. and is a investor/advisor for Signal Sciences. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. Jim is also a volunteer and former board member for the OWASP foundation. He is the author of Iron-Clad Java: Building Secure Web Applications from McGraw-Hill. For more information, visit http://www.linkedin.com/in/jmanico.

  • Want more information?

    Email : jim@manicode.com
    Phone: (808) 652-3805


Listen to what others have said about Jim Manico


Johannes Ullrich

Jim is a high energy talented programmer. I worked with him on a number of complex coding projects and he did show great skill in organizing and implementing these projects. He does understand the concepts of web development very well, in particular the need for and implementation of security measures. In addition, Jim communicates well and is a great team player.


Jerry Hoff

Jim is extremely charismatic, energetic and highly technical. He has unparalleled skill in developing J2EE applications, which are both robust and secure. His knowledge of application security and security architecture is phenomenal, and he is leading a vigorous campaign to change the J2EE spec to make it more secure. I recommend Jim for any development, security or training project.


Josh Brown

 Jim taught one of the more recent security classes, and having observed many classes in action I can honestly say he really stood out as an instructor. He very successfully engaged the diverse demographics in the class  and convinced all of them why the security issues pertained to their immediate job, and were the concerns of all information employees. 


Manicode Security is thrilled to work with trusted industry partners.

Feisty Duck

Feisty Duck is a London-based publisher of computer security books (Bulletproof SSL and TLS) and provider of public and on-site computer security training. Our practical hands-on courses for system administrators, developers, and IT security professionals are taught in small groups and delivered by industry experts. Courses include SSL/TLS, Internet PKI, Content Security Policy, and Apache/ModSecurity. Visit https://www.feistyduck.com for more information.

Codiscope Secure Coding

Codiscope is improving the quality of software everywhere by creating developer tools and training that help them build and deploy secure code faster. With Jacks, developers can learn secure coding best practices and eliminate security issues before they ever leave the dev environment. Developer-driven security means stronger, safer applications for users everywhere. Learn more about Codiscope Jacks or visit Codiscope.com.

IOActive Secure Coding

IOActive is a security consultancy with a global presence and deep expertise in hardware, software, and wetware assessments. Our mission is to make certain your enterprise is more secure in an era of pervasive and emerging threats. Visit https://www.ioactive.com for more information.