This course can be adapted to the following programming languages: C / C++ / JAVA / PHP / WEB / C# / .NET / ASP / .NET
The training targets experienced developers who use various development platforms and environments to develop applications (both desktop and web). Aligned to this, it tackles web-related security issues–including both server-and client-side vulnerabilities –, general security issues of various technologies –including Java, .NET, web services and XML –as well as the consequences of typical coding mistakes in different environments, platforms and programming languages. Even though the starting point is ethical hacking, the main goal of demonstrating the techniques used on the dark side is the protect against them and thus mitigate the risks. This Advanced Software Security - Beyond Ethical Hacking training course is the best selection of our “negative security” subjects: lots of live-hacking fun, with a single purpose to learn how to avoid the exploitable security-relevant programming bugs and flaws.
What the attendee will learn:
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn about XML security
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand some recent attacks against cryptosystems
- Realize the severe consequences of unsecure buffer handling in native code
- Understand the architectural protection techniques and their weaknesses
- Realize the severe consequences of unsecure buffer handling
- Learn about denial of service attacks and protections
- Get practical knowledge in using security testing techniques and tools
- Learn how to set up and operate the deployment environment securely
- Get sources and further readings on secure coding practices