Turn training into results. We design programs that drive measurable security improvements and long-term value.
Collaborate on a
Jerry Hoff is a recognized leader in application security with over 30 years of experience. He has held executive and senior technical roles, including Executive Information Security Officer at Sony and Senior Security Architect at NTT. For the past 20 years, he has taught thousands of developers in critical industries, helping them build more secure applications through practical, hands-on instruction.
He is a longtime contributor to OWASP, co-lead of the OWASP Virtual Chapter, and the creator of WebGoat.NET. Jerry is known for making complex security topics clear and actionable, enabling developers to apply secure practices immediately.
2–3 day, hands-on secure coding workshops
Learn to write secure software in Java, C#, JavaScript, Python, and PHP. Real code, real attacks, real defenses.
1–2 day classes in AI-assisted development security
Avoid common AI code pitfalls, use AI models securely, and integrate AI without introducing new risks.
Training for developers, SOC, QA, and executives
Equip your teams to recognize, resist, and respond to today’s evolving threats—tailored for every role.
Implement Secure by Design and Zero Trust
Design resilient systems from the ground up. Build strong, secure foundations aligned with modern best practices.
When it comes to strengthening your security posture, one-size-fits-all doesn't work. Our training programs are developed collaboratively with you, ensuring they address your specific challenges and tech stack while delivering practical skills your developers can apply immediately.
Client success stories
Discover how our training empowers teams
With decades of hands-on experience across AppSec, secure coding, and developer enablement, Jerry brings both breadth and depth to every conversation. He’s seen the evolution of software security firsthand, and has helped shape it.
Jerry is one of the most gifted security educators I've encountered. He distills complex concepts into clear, actionable insights that stick. I highly recommend Jerry to exponentially level up your team’s security knowledge.
Our programs are crafted to boost secure coding skills and ensure compliance, offering flexible delivery options to suit your needs.
We begin with a discovery call to learn your team's needs, such as reducing vulnerabilities or meeting compliance requirements. Then we build a custom plan with relevant modules, hands-on labs, and delivery formats that fit your workflow.
Training ranges from 2-hour focused sessions to 2-day intensive workshops. We work with you to structure learning that minimizes disruption to development cycles and fits your sprint schedules.
We assess current knowledge during discovery and create learning paths for beginners through advanced practitioners. Mixed-level teams get differentiated content within the same program.
We focus on practical developer security: secure coding practices, vulnerability prevention, threat modeling, API security, cloud security, and AI security (securing AI systems, using AI for security, and AI-assisted development). Content is tailored to your tech stack and real development challenges.
Most programs launch within 2-3 weeks after our discovery call. We'll provide a clear timeline during planning so you can communicate rollout to your team.
Beyond initial training, we offer refresher sessions, updated content for emerging threats, and consultation on security questions that arise during your development work.
Reach out for customized training solutions.