One vulnerability can destroy your business.

Cyber threats are sharply increasing in Indonesia, and the PDP Law and GDPR regulations now apply to anyone processing user data. This training equips your developers with practical practices to build secure applications — including how to use AI like ChatGPT, Claude, and Copilot without leaking company data.

Focus Developer

The material is specifically designed for programmers and engineering teams, not generic IT training. Real code examples, not theoretical slides.

Secure AI

How to use ChatGPT, Claude, and Copilot at work without disclosing company code or sensitive data.

Certification

End the pass/fail exam. Participants who pass receive an official certificate from Desent Solutions GmbH (Germany).

Bilingual in Class

The training is conducted in Indonesian with technical terms in English — in accordance with industry practice.

Who Teaches

Pelatihan keamanan siber ini dibawakan oleh Tobias Winter.

Tobias Winter

Senior Fullstack Developer

Munich, Germany

Hello, my name is Tobias Winter and I am a Senior Fullstack Developer at Desent.io. I come from Regensburg, Germany.

Chat WhatsApp Full Profile →

Training Curriculum

Ten structured modules — from fundamentals to AI integration in security workflows.

1. Introduction: Why Security is Important for Developers

•Developer's responsibility for user data and production code
•Case study of actual violations in Indonesian SaaS companies
•Legal consequences of the PDP Law (Personal Data Protection) and GDPR
•How a small vulnerability can damage a company's reputation

2. OWASP Top 10 untuk Aplikasi Web Modern

•Injection, Broken Authentication, Sensitive Data Exposure
•Insecure Deserialization, XXE, Broken Access Control
•Cross-Site Scripting (XSS) dan Cross-Site Request Forgery (CSRF)
•Live demonstration of attack and mitigation in code

3. Secure Coding: Input Validation, Output Encoding, Error Handling

•Validate input at all layers (client, server, database)
•Encoding output to prevent XSS and injection
•Error handling without exposing stack trace or internal data
•Defensive programming: assume hostile input

4. Autentikasi, Otorisasi & Manajemen Sesi

•Correct implementation of password hashing (bcrypt, Argon2)
•JWT, OAuth 2.0, dan session management aman
•Multi-factor authentication (MFA) di aplikasi Anda
•Role-based access control (RBAC) dan principle of least privilege

5. Keamanan Data: Enkripsi, Hashing, Manajemen Secret

•Differences between encryption, hashing, and encoding — when to use each
•Secure secret storage (Vault, AWS Secrets Manager, .env)
•Jangan pernah commit secret ke Git — cara membersihkan history
•TLS, HTTPS, dan enkripsi data at-rest vs in-transit

6. API Security & Supply Chain (Dependency Risk)

•Rate limiting, API key rotation, dan API gateway
•Risk of npm/pip/composer dependencies and how to audit
•Software Bill of Materials (SBOM) dan dependency scanning
•Case study log4shell and event-stream — how to detect earlier

7. AI Safety: Using ChatGPT/Claude/Copilot Safely

•What should NOT be attached to the public AI prompt
•Risk of prompt injection in your application using LLM
•Self-hosted vs Commercial API — data security considerations
•Healthy AI policy for engineering teams

8. AI untuk Keamanan: Code Review, Static Analysis, Threat Detection

•Using AI for automatic code review and vulnerability detection
•Static Application Security Testing (SAST) berbantu AI
•Anomaly detection in production logs with AI model
•Practical workflow: PR review + CI/CD + AI gate

9. Penanganan Insiden, Logging & Audit Trail

•What is included in security incidents and their classification
•Useful logging vs logging that leaks data
•Incident response plan: who, when, how to report
•Reporting obligation within 72 hours according to PDP/GDPR

10. Certification Exam

•10–20 multiple-choice questions covering the entire training material
•Minimum passing grade: 80%
•Official certificates are issued to participants who pass

Try Practice Questions

Here are 5 sample questions similar to the actual certification exam. The real exam contains 10–20 questions, and participants must achieve a minimum score of 80% to pass.

1. You receive a username input and directly insert it into an SQL query. What is the biggest risk?

2. Your team will use Copilot to speed up coding. What is the safest practice?

3. You accidentally committed a .env file containing the database password to a public repo on GitHub. What is the correct first action?

4. To store user passwords in the database, which method is correct?

5. An npm library you are using has announced a critical vulnerability (RCE). What is the first step?

Price

Price per participant. Includes training materials, certificate, and final exam.

Small Group

Rp 4,000,000

per participant · 1–10 participants

✓ Complete training materials
✓ Official certificate after passing the exam
✓ Bilingual Indonesian-English
✓ Final certification exam

Save 50%

Large Group

Rp 2,000,000

per peserta · lebih dari 10 peserta

✓ Complete training materials
✓ Official certificate after passing the exam
✓ Bilingual Indonesian-English
✓ Final certification exam

Clients & References

Several companies that have collaborated with us in Indonesia.

PT Cahaya Mentari

Bali, Indonesia

balifixer.com

Repair and maintenance service platform for properties in Bali.

“The training is very practical — our development team was able to immediately implement secure coding in the next sprint. The safe AI material is also very relevant to our current workflow.”

— Tim Engineering, PT Cahaya Mentari

PT. Alam Megah Berkilau

Indonesia

networksolution.id

Provider of network solutions and IT infrastructure for businesses in Indonesia.

“Pelatihnya tahu betul tantangan nyata yang dihadapi developer Indonesia. Pendekatan dwibahasa membuat materi mudah dipahami tanpa kehilangan istilah teknis penting.”

— Lead Developer, PT. Alam Megah Berkilau