This course can be adapted to the following programming languages: C# / .NET / ASP / .NET / WEB Developers / Testers
NET and related technologies provide an environment and a number of different solutions and tools to support security development. The course gives a comprehensive overview of these techniques, starting off from Web application security –both on the server-and on the client-side –, and presents the most frequent security vulnerabilities stemming from both language-specific issues and the runtime environment. The Web-related vulnerabilities as well as some common coding mistakes in C# are introduced through a number of practical exercises. By understanding the operation of the security components, executing attacks and applying protection methods one can gain a complete picture of security of web applications implemented in managed code.
What the attendee will learn:
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn about XML security
- Learn client-side vulnerabilities and secure coding practices
- Learn about denial of service attacks and protections
- Understand security concepts of Web services
- Learn about JSON security
- Learn to use various security features of the .NET development environment
- Have a practical understanding of cryptography
- Understand essential security protocols
- Get information about some recent vulnerabilities in .NET and ASP.NET
- Learn about typical coding mistakes and how to avoid them
- Understand security testing approaches and methodologies
- Get practical knowledge in using security testing techniques and tools
- Get sources and further readings on secure coding practices