SECO Secure Programming Foundation 2 Days Training in Montreal

Mangates
Jul 13 9:00AM - 5:00PM

Course Description:

The Secure Programming Foundation course is the first level of the SECO Secure Software certification track.

This introductory course covers the basic concepts of secure programming. The course offers an ideal mix of theory and practice, where practical examples are illuminated with case studies.

Learning Goals:

The aim of the course is to enable candidates to apply security principles in design and code, detect security problems in software and explain the causes of these problems.

In more detail, candidates should be able to:

Understand the importance of security in the software life cycle and the logic behind security principles

Define basic security terms, e.g. STRIDE, attack surface, trust boundaries, password salting, authentication, authorisation, hardening, cryptography

Understand web application attack surfaces and trust boundaries

Explain the workings of HTTP requests and header injection

List password authentication vulnerabilities and relevant countermeasures

Summarise the security implications of session management and list relevant countermeasures against session fixation

Identify countermeasures against cross-site request forgery (CSRF) and clickjacking attacks

Identify and explain countermeasures against injection attacks

Identify and explain countermeasures against buffer overflows

Identify and explain countermeasures against cross-site scripting (XSS)

Identify and explain countermeasures against file upload attacks

Identify and explain countermeasures against character encoding vulnerabilities

Understand privilege escalation and list relevant mitigation techniques

Explain how to secure products by hardening and vulnerability scanning

Summarise how to prevent side channel attacks

Summarise how to prevent DoS attacks

Understand the importance of good error handling practices

Understand the security risks involved in logging

Understand symmetric and asymmetric cryptography, Man-in-the-Middle attacks and the pitfalls in SSL/TLS and HTTPS certificates

Explain how security requirements can/should be identified

Perform simple threat modelling exercises and identify security requirements for a system

Course Agenda:

The course covers eight areas of attention:

Module 1: Secure Programming Awareness

Module 2: Security from a Technical Point of View

Module 3: Authentication and Session Management

Module 4: Handling Input

Module 5: Authorisation

Module 6: Configuration, Error Handling and Logging

Module 7: Cryptography

Module 8: Secure Software Engineering

Who can Attend?

Novice or experienced programmers or software developers whose primary activities include:

developing software,

testing or auditing software,

facilitating software development
