Securing .Net Web Applications is a lab-intensive, hands-on .Net security training course, essential for experienced enterprise developers who need to engineer, maintain, and support secure .Net-based web applications. In this course, students thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities (such as file uploads, CSRF and direct object references). Students will repeatedly attack and then defend various assets associated with fully functional web applications and services. This hands-on approach drives home the mechanics of how to secure .Net web applications in the most practical of terms. A key component to our Best Defense IT Security Training Series, this workshop is a companion course with several developer-oriented courses and seminars. Our bug hunting class introduces penetration testing , illustrating how hackers probe and exploit our applications. Our developing secure software class introduces various security measures that can be applied through the software lifecycle. The combination of ethical hacking, secure coding, and secure lifecycle training provides student with the complete experience in application security. This course merges these classes with a specific .Net orientation. NOTE: Although this edition of the course is .Net-specific, it may also be presented using Java or other programming languages.
This is an intermediate -level .Net secure programming course, designed for developers who wish to get up and running on developing well defended software applications. Familiarity with C# is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of .Net development practical experience.
4 Days/Lecture & Lab
This course is designed for experienced .Net developers.
- Securing Applications Foundation
- Bug Stomping 101
- Bug Stomping 102
- Moving Forward