EC-Council ECSP.NET: EC-Council Certified Secure Programmer (.NET)




ECSP.NET Course

Software defects, bugs, and flaws in the logic of the program are consistently the cause for software vulnerabilities. Analysis by software security professionals has proven that most vulnerabilities are due to errors in programming. Hence, it has become a must for organizations to educate their software developers about secure coding practices. Attackers try to find security vulnerabilities in the applications or servers and then try to use these vulnerabilities to steal secrets, corrupt programs and data, and gain control of computer systems and networks. Sound programming techniques and best practices can be used to develop high quality code to prevent web application attacks. Secure programming is a defensive measure against attacks targeted towards application systems.

Course Description

This course will be invaluable to software developers and programmers alike to code and develop highly secure applications and web applications. This is done throughout the software life cycle that involves designing, implementing, and deploying applications. .NET is widely used by almost all organizations as the leading framework to build web applications. The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development lifecycle to improve the overall quality of products and applications. It lays the foundation required by all application developers and development organizations to produce applications with greater stability and fewer security risks to the consumer. The Certified Secure Application Developer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains. This course is purposefully built with tons of labs peppered throughout the three days of training, offering participants critical hands-on time to fully grasp the new techniques and strategies in secure programming.

Course Objectives

This course will:

- Familiarize you with .NET Application Security, ASP.NET Security Architecture and help you understand the need for application security and common security threats to .NET framework
- Discuss security attacks on .NET framework and explain the secure software development lifecycle
- Help you to understand common threats to .NET assemblies and familiarize you with stack walking processes
- Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation
- Familiarize you with authorization and authentication processes and common threats to authorization and authentication
- Discuss various security principles for session management tokens, common threats to session management, ASP.NET session management techniques, and various session attacks
- Cover the importance of cryptography in .NET, different types of cryptographic attacks in .NET, and various .NET cryptography namespaces
- Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures
- Describe the principles of secure error handling, different levels of exception handling, and various .NET logging tools
- Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack

What Will You Learn?

Students in this course will acquire knowledge in the following areas:

- .NET framework security features and various secure coding principles
- .NET framework runtime security model, role-based security, code access security (CAS), and class libraries security
- Various validation controls, mitigation techniques for validation control vulnerabilities, defensive techniques for SQL injection attacks, and output encoding to prevent input validation attacks
- Defensive techniques against session attacks, cookie security, and ViewState security
- Mitigating vulnerabilities in class level exception handling, managing unhandled errors, and implementing Windows log security against various attacks
- Defensive techniques against path traversal attacks, defensive techniques against canonicalization attacks, and file ACLs
- Mitigating vulnerabilities in machine config files, mitigating the vulnerabilities in app config files, and security code review approaches
- The importance of secure programmers and certified secure programmers, the career path of secure programmers, and the essential skillset of secure programmers

Prerequisites

You must be well-versed with the .NET programming language.

Who Should Attend

The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET Framework. It is designed for developers who have .NET development skills.

Duration

3 Days (9:00 AM - 5:00 PM)

Certification

The ECSP.NET 312-93 exam will be conducted on the last day of training. Students need to pass the online exam to receive the ECSP certification.

6330 Riverside Plaza Ln NW, Suite 210
Albuquerque, NM 87120
Tel: +1.505.341.3228
Fax: +1.505.341.0050
http://www.eccouncil.org
E-mail: product@eccouncil.org