Secure .Net Coding is a hands-on, lab-intensive .Net security, code-level training course that teaches you the best practices for designing, implementing, and deploying secure programs in .Net. This course explores well beyond basic programming skills, teaching developers sound processes and practices to apply to the entire software development lifecycle. You will take an application from requirements through to implementation, analyzing and testing for software vulnerabilities. Perhaps just as significantly, you will learn about current, real examples that illustrate the potential consequences of not following these best practices. The course provides a solid foundation in basic terminology and concepts, extended and built upon throughout the engagement. You will examine various recognized attacks against web applications. Processes and best practices are discussed and illustrated through both discussions and group activities. This workshop is approximately 50% dynamic lab exercises and 50% lecture, providing in-depth, code-level labs. The second portion of the course steps through a series of vulnerabilities illustrating in very real terms the right way to implement secure .Net applications. The last portion of the course examines several design patterns that can be used to facilitate better application architecture, design, implementation, and deployment. A key component to our Best Defense IT Security Training Series, this workshop is a companion course with several developer-oriented courses and seminars. Although this edition of the course is .Net-specific, it may also be presented using Java or other programming languages.
According to research by the National Institute of Standards, 92% of all security vulnerabilities are now considered application vulnerabilities and not network vulnerabilities.
Concepts and terminology behind defensive coding
Using Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets
Threats and attacks that take place against software applications in today's world
Using Threat Modeling to identify potential vulnerabilities in a real-life case study
Static code reviews and dynamic application testing to uncover vulnerabilities in .Net applications
Vulnerabilities of the .Net programming language and the runtime environment as well as how to harden both
Working with .Net platform security to gain an appreciation for what is protected and how
Basics of Cryptography and Encryption and where they fit in the overall security picture
.Net Cryptographic services
How role-based security works in .Net and using it to control access
How Code Access Security (CAS) works and using it to control access
Mechanics of isolated storage
Fundamentals of XML Digital Signature and XML Encryption
Who Can Benefit
This intermediate-level .Net programming course is designed for developers who wish to get up and running on developing well-defended software applications.
Familiarity with the C# programming language is required, and real-world programming experience is highly recommended.
Defensive Coding Overview
Thriving Industry of Identify Theft
Dishonor Roll of Data Breaches
TJX: Anatomy of a Disaster
Heartland: What? Again?
Terminology and Players
Assets, Threats, and Attacks
OWASPCWE/SANS Top 25 Programming Errors
What They Mean to Your Applications
Security Is a Lifecycle Issue
Minimize Attack Surface
Defense in Depth Layered Defense
Consider All Application States
Not Trusting the Untrusted
Security Defect Mitigation
Unvalidated Input XSS/CSRF, Injection, and Others
Broken Authentication and Authorization
Information Leakage Error Handling, Logging, Insecure Storage, and Others
Spoofing Protecting Your Users and Your Applications
https://www.exitcertified.com/training/specialized/development/secure-net-coding-21061-detail.htmlTT8200-NSecure .Net Coding https://assets.exitcertified.com/assets/CourseImages/3f8c4d6cbd/AdobeStock_208219602__FitMaxWzEwMDAsMTAwMF0.jpg2095.00USDInStock/Training/Specialized/DevelopmentSecure .Net Coding is a hands-on, lab-intensive .Net security, code-level training course that teaches you the best practices...2095.00SpecializedClassroom2013-04-25T13:48:50+00:00USD