Secure Programming Foundation 2 Days Training in Seoul

  • Seoul South Korea
  • Start: Jul 19 2022 00:00
  • Finish: Dec 01 2024 00:00
  • Time zone: Asia/Seoul
Course Description:
This course teaches you the basic principles of secure programming. The course is aimed at every programmer or software developer who develops any application in any programming language.
Course Topics:
Secure Programming Awareness
●      Why Secure Coding + EXERCISE
Introduction to Secure Programming
●      What is security?
●      Security jargon + EXERCISE
●      Threats
●      STRIDE Method + EXERCISE
●      Attack surface and Trust zones
●      Web applications + DEMO
●      HTTP Requests
●      HTTP Responses + EXERCISE
●      HTTP Header injections + EXERCISE
●      Browser Security Model + EXERCISE
●      Current state of web security
Authentication and Session Management
●      Authentication + DEMO, EXERCISE
●      Password storage + EXERCISE
●      Managing lost passwords
●      Sessions and cookies + DEMOS
●      Cross-Site Request Forgery + EXERCISE
●      Clickjacking
Handling Input
●      Injection Attacks
●      Subsystems and data flows
●      User input & Trust + EXERCISE
●      SQL injection + DEMOS, EXERCISES
●      Input validation + EXERCISES
●      Buffer overflows + DEMO, EXERCISE
●      Cross-site Scripting (XSS) Attacks + DEMOS, EXERCISES
●      File Uploads + EXERCISES
●      Encoding + DEMO
●      Second order injections
Authorization
●      Checks
●      Session Poisoning + EXERCISE
●      Race conditions
Configuration, Error Handling, Logging
●      3rd Party components
●      Configuration and hardening + DEMO
●      Information Leaks
●      Reduce attack surface
●      Side channel attacks
●      Error handling
●      Denial of Service + EXERCISE
●      Logging
Cryptography
●      Man in the Middle attack
●      Trusted 3rd party
●      Threats
●      General guidelines
Secure Software Engineering
●      Assessment + EXERCISE
●      SDLC and Security
●      Requirements
●      Threat modeling + EXERCISE
●      Secure design
●      STRIDE per element
●      Architecture analysis + EXERCISE
●      Secure coding + DEMO
●      Security testing
Learning Goals:
●      Understanding the various issues of insecure software
●      Understanding how software vulnerabilities come into existence, how an attacker can exploit these, and what measures to take to counter this
●      Understanding how to integrate security in the requirements, designing, coding and testing phases of the software building process
Course Agenda:
Day 1
●      Introduction
●      Secure Programing Awareness
●      Introduction to Secure Programming
●      Authentication and Session Management
●      Handling Input (1)
Day 2
●      Handling Input (2)
●      Authorization
●      Configuration, Error Handling, Logging
●      Cryptography
●      Secure Software Engineering
Who can Attend?
All software developers, lead programmers and software architects. This course is programming language agnostic, so every developer can attend this course.

Ads Links by Easy Branches
Play online games for free at games.easybranches.com

Guest Post Services www.easybranches.com/contribute