Study any time, from any device.

Secure Coding for .NET Training

Learn how to develop Secure .NET applications. This boot camp is designed for ASP.NET and C# developers that require effective, real-world, secure programming skills they can implement immediately at the workplace.

Learn secure .NET coding

Boot camp overview

This comprehensive three-day Secure Coding for .NET (ASP.NET/C#/VB.NET) Boot Camp is designed to educate professional programmers on the skills necessary to develop and deploy secure applications. You will learn about potential security issues through concrete, hands-on examples of vulnerable code.

You’ll learn which poor programming practices lead to vulnerable code, how to code securely and how to maintain secure development practices throughout the development life cycle. You’ll sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing and securing real-world applications. You’ll also be given the opportunity to participate in securing and testing applications through a progression of “challenge scenarios” alternating assignments as “attackers” and “defenders” of applications.

Skill up and get certified, guaranteed

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

  • Three full days of of secure coding training with an expert instructor
  • Infosec digital courseware (physical textbooks available to purchase)
  • 90-day access to replays of daily lessons (Flex Pro)
  • Curated videos from other top-rated instructors (add-on)
  • 90-day access to hosted labs (Flex Pro)
  • 100% Satisfaction Guarantee

Course objectives

This boot camp teaches you how poor security practices leave applications open to attack and how to implement the necessary tools, techniques and best practices to write code in a secure manner. It will help develop your knowledge and skills around:

  • Common web application exposures and attacks
  • Compliance for the OWASP Top 10 training component in the PCI DSS standard
  • Static analysis techniques for quickly finding web application flaws
  • Secure use of C#/VB.NET API
  • How to code defensively and perform proper input validation

Award-winning training that you can trust

Rising Star

Partner Award

G2 Crowd Leader

Technical Skills Development Software

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Who should attend?

  • .NET application developers
  • C# programmers
  • ASP.NET developers
  • Managers, architects and technologists involved in deploying .NET applications
  • Anyone interested in learning more about secure .NET coding

Prerequisites

Roughly 12-24 months of experience working with .NET applications is recommended. You should have an understanding of web applications, web programming concepts and experience building web applications using the .NET Framework. A basic understanding of IT security principles is recommended but not required.

Why choose Infosec

Your flexible learning experience

Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.

Public training boot camps held nationwide

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Catered lunches
  • Infosec community forum access
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Most Popular

Immersive, live-streamed instruction

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Detailed performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee

Tailored team training at your location

  • Pre-study course materials
  • Live, customized instruction at your location
  • Digital courseware
  • Daily reinforcement materials
  • Detailed team performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Can’t get away for a week?

Learn secure coding on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 400+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 50+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"The course not only met my expectations, but exceeded them. It was the most engaging online training I’ve ever had."

Val Vask

Commercial Technical Lead

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

FedEx
Microsoft
Bank of America
Defense Information Systems Agency
Symantec

Find your boot camp

Secure Coding for .NET Boot Camp details

Course introduction

  • Web application environment and components
  • General web application security concepts
  • .NET framework security features

Input validation and encoding

  • Input-driven attacks
  • Validation best practices
  • Output encoding

Authentication, authorization and session management

  • Common authentication weaknesses
  • Authorization best practices
  • Controlling application access
  • Password security
  • Session hijacking and trapping
  • Protecting user sessions and tokens
  • Canonicalization problems
  • Parameter manipulation

Encryption, confidentiality and data protection

  • Cookie-based attacks
  • Protecting application variables
  • Cache control issues
  • SSL best practices
  • Protecting usernames, passwords and personally identifiable information
  • Common cryptography pitfalls

Data access

  • Secure database programming
  • Database permissions best practices
  • Parameterized queries
  • Common stored procedure flaws

Error handling and logging

  • Attacking via error messages
  • Secure logging and error handling

Server configuration and code management

  • Common web and app server mis-configurations
  • Common database server mis-configurations
  • Protecting application code

XML web services

  • Overview of WSDL, SOAP and AJAX
  • Web service attacks
  • AJAX pitfalls
  • Web service best practices

Application threat modeling

  • Threat modeling concepts
  • Application context
  • Identifying attacks, vulnerabilities and countermeasures
  • Threat modeling tools

Practical security testing techniques for developers

  • Useful web application assessment tools
  • Determining the severity of vulnerabilities
  • Dealing with time constraints