InfoSec Institute: Writing Secure Code Series
Secure Coding in .NET: ASP.NET/C#/VB.NET Edition
InfoSec Institute’s Award Winning Secure Coding in .NET: ASP.NET/C#/VB.NET Edition provides the most comprehensive approach to developing Secure .NET Applications. This course is designed for ASP.NET  and C# developers that require effective, real world, secure programming skills they can implement immediately at the workplace.
InfoSec Institute brings you our Secure Coding in .NET: ASP.NET/C#/VB.NET Edition course. This comprehensive 3-day course is designed to educate professional programmers on the skills necessary to develop and deploy secure applications as a fundamental element of the entire application development process:
- The objective of our Secure Coding in .NET course is to encourage you to take security seriously by demonstrating concrete, hands-on examples of vulnerable code.
- You will learn which poor programming practices lead to vulnerable code, how to code securely, and maintain secure development practices throughout the SDLC.
- You will sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing and securing real-world applications.
- You will be given the opportunity to participate in securing and testing applications through a progression of "challenge scenarios" alternating assignments as "attackers" and "defenders" of applications.
Secure Coding in .NET: ASP.NET/C#/VB.NET Edition Course Benefits and Goals:
Our 3-day intense course provides attendees with a look at how poor security practices leave applications open to attack, and then walks you through the necessary tools, techniques and Best Practices in order to ensure you know how to write code in a secure manner.
Only InfoSec Institute's Secure Coding in .NET: ASP.NET/C#/VB.NET Edition Course offers you the following benefits:
- Three (3) days of InfoSec Institute training with a .NET expert, bringing from the field experience and insight. Our experts have extensive experience developing .NET applications in both C# and VB.NET. Our instructors have performed hundreds of security code reviews for enterprise .NET
 applications.
- Improvement in skills required to build and maintain secure applications
- Lunch and snacks provided on each day of class
- Provide compliance for the OWASP Top 10 training component in the PCI DSS Standard
Course Objectives:
Upon Completing our Secure Coding in .NET will provide you with valuable knowledge and skills including the ability to:
- Understand common web application exposures and attacks
- Provide compliance for the OWASP Top 10 training component in the PCI DSS Standard
- Learn static analysis techniques for quickly finding web application flaws
- Understand the secure use of C#/VB.NET API
- Learn how to code defensively and perform proper input validation
- Learn threat modeling techniques to identify architectural issues as early as possible in the SDLC
The InfoSec Institute Experience:
During the Three Day program, our instructors give you 110% of their time and dedication to ensure that your time is well spent. You will receive an all-inclusive immersion experience by receiving your hotel stay and most meals during your training experience; therefore you eat, sleep and train at the learning facility with no distractions! The schedule rolls out as follows:
Some of the topics you will learn to master during the Secure Coding in .NET:
- General Web Application Security Concepts
- .NET Framework Security Features
- Input Validation & Encoding
- Input Driven Attacks
- Validation Best Practices
- Output Encoding
- Common Authentication Weaknesses
- Authorization Best Practices
- Controlling Application Access
- Password Security
- Session Hijacking & Trapping
- Protecting User Sessions & Tokens
- Canonicalization Problems
- Parameter Manipulation
- Encryption, Confidentiality & Data Protection
- Cookie-Based Attacks
- Protecting Application Variables
|
- Error Handling & Logging
- Attacking via Error Messages
- Secure Logging & Error Handling
- Server Configuration & Code Management
- Common App Server Misconfigurations
- Protecting Application Code
- XML Web Services
- Overview of WSDL, SOAP & AJAX Security
- Web Service Attacks
- AJAX Pitfalls
- Web Service Best Practices
- Application Threat Modeling
- Application Context
- Identifying Attacks, Vulnerabilities & Countermeasures
- Threat Modeling Tools
- Cache Control Issues
- SSL Best Practices
|
Who Should Attend:
- .NET Application Developers
- C# Programmers
- ASP.NET Developers
- Managers, Architects and Technologists involved in deploying .NET applications
Prerequisites
Prior to enrolling in InfoSec Institute’s Secure Coding in .NET, students should have roughly 12-24 months of experience working with .NET Applications. Attendees should have an understanding of web applications, web programming concepts, and experience building web applications using the .NET Framework. A basic understanding of IT security principles is recommended but not required. No advance preparation is required for this session
If you are unsure if you meet the required prerequisites, contact us for a quick skill check.
Current Course List:
Current Pricing (Call 866-471-0059 for up-to-date deals):
*Available Back-To-Back with Ethical Hacking, call for information on discount program |
