Secure Code Training Courses

Secure Code Course Outlines

Code Name Duration Overview
cl-jwe Advanced Java, JEE and Web Application Security 28 hours Beyond a solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks. General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5. The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. Security issues of Java Enterprise Edition are presented through various exercises explaining both declarative and programmatic security techniques in JEE. Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn to use various security features of the Java development environment Have a practical understanding of cryptography Understand security concepts of Web services Understand security solutions of Java EE Learn about typical coding mistakes and how to avoid them Get information about some recent vulnerabilities in the Java framework Get practical knowledge in using security testing tools Get sources and further readings on secure coding practices Audience Developers
seccode How to Write Secure Code 35 hours After the major attacks against national infrastructures, Security Professionals found that the majority of the vulnerabilities that caused the attacks came from poor and vulnerable code that the developers write.  Developers now need to master the techniques of how to write Secure Code, because we are in a situation where anyone can use availble tools to write a script that can effectivly disable a large organization's systems because the developers have written poor code. This Course aims to help in the following: Help Developers to master the techniques of writing Secure Code Help Software Testers to test the security of the application before publishing to the production environment Help Software Architects to understand the risks surrounding the applications Help Team Leaders to set the security base lines for the developers Help Web Masters to configure the Servers to avoid miss-configurations In this course you will also see details of the latest cyber attacks that have been used and the countermeasures used to stop and prevent these attacks. You will see for yourself how developers mistakes led to catastrophic attacks, and by participatig in the labs during the course you will be able to put into practise the security controls and gain the experience and knowledge to produce secure coding. Who should Attend this Course?  This Secure Code Training is ideal for those working in positions such as, but not limited to: Web Developers Mobile Developers Java Developers Dot Net Developers Software Architects Software Tester Security Professionals Web Masters
cl-osc The Secure Coding Landscape 14 hours The course introduces some common security concepts, gives an overview about the nature of the vulnerabilities regardless of the used programming languages and platforms, and explains how to handle the risks that apply regarding software security in the various phases of the software development lifecycle. Without going deeply into technical details, it highlights some of the most interesting and most aching vulnerabilities in various software development technologies, and presents the challenges of security testing, along with some techniques and tools that one can apply to find any existing problems in their code. Participants attending this course will  Understand basic concepts of security, IT security and secure coding Understand Web vulnerabilities both on server and client side Realize the severe consequences of unsecure buffer handling Be informated about some recent vulnerabilities in development environments and frameworks Learn about typical coding mistakes and how to avoid them Understand security testing approaches and methodologies Audience Managers
devopssecurity DevOps Security: Creating a DevOps security strategy 7 hours DevOps is a software development approach that aligns application development with IT operations. Some of the tools that have emerged to support DevOps include: automation tools, containerization and orchestration platforms. Security has not kept up with these developments. In this course, participants will learn how to formulate the proper security strategy to face the DevOps security challenge. Audience     Devops engineers     Security engineers Format of the course     Part lecture, part discussion, some hands-on practice
embeddedsecurity Embedded systems security 21 hours This training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems. By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software. Audience     Embedded systems professionals     Security professionals Format of the course     Part lecture, part discussion, hands-on practice
iast Interactive Application Security Testing (IAST) 14 hours Interactive Application Security Testing (IAST) is a form of application security testing that combines Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) or Runtime Application Self-protection (RASP) techniques. IAST is able to report the specific lines of code responsible for a security exploit and replay the behaviors leading to and following such an exploit. In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack.   By the end of this training, participants will be able to: Simulate attacks against applications and validate their detection and protection capabilities Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios Quickly and accurately fix the application code responsible for detected vulnerabilities Prioritize the vulnerability findings from dynamic scans Use RASP real-time alerts to protect applications in production against attacks. Reduce application vulnerability risks while maintaining production schedule targets Devise an integrated strategy for overall vulnerability detection and protection Audience DevOps engineers Security engineers Developers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice
shiro Apache Shiro: Securing your Java application 7 hours Apache Shiro is a powerful Java security framework that performs authentication, authorization, cryptography, and session management. In this instructor-led, live training, participants will learn how to secure a web application with Apache Shiro. By the end of this training, participants will be able to: Use Shiro's API to secure various types of applications, including mobile, web and enterprise Enable logins from various data sources, including LDAP, JDBC, Active Directory, etc. Audience Developers Security engineers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice

Upcoming Courses

CourseCourse DateCourse Price [Remote / Classroom]
How to Write Secure Code - DubaiSun, 2018-05-13 09:308000USD / 11100USD

Other regions

Weekend Secure Code courses, Evening Secure Code training, Secure Code boot camp, Secure Code instructor-led , Secure Code private courses, Secure Code on-site, Secure Code one on one training , Secure Code instructor, Evening Secure Code courses,Weekend Secure Code training, Secure Code classes, Secure Code training courses, Secure Code coaching

Course Discounts

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Outline Tag Cloud

Easy-to-find Low-hanging FruitsHeavy Hands-on PracticeWidely-used Protocol FamiliesEasy-to-understand ExercisesProviding Hands-on KnowledgeWeb-based VulnerabilitiesGeneral Web-related VulnerabilitiesSide-channel AttacksGeneral Web-based VulnerabilitiesHands-on TrainingCoding-level Programming TechniquesNumerous Hands-one ExercisesHands-on Exercises DemonstratingNet-specific Vulnerabilities TacklesRasp Real-time AlertsWidely-used Cryptographic AlgorithmsSecure CodeLearn Client-side VulnerabilitiesCat-and-mouse NatureIn-depth Mathematical BackgroundGain Hands-on ExperienceReal-world SolutionsGain Code-level VisibilityHeuristics-based Code ReviewEnd-to-end Security SolutionsNumerous Hands-on ExercisesContinuously Up-to-dateHand-held PlatformsSecurity-relevant Programming MistakesMobile Code-related VulnerabilitiesPhp-specific Language ProblemsUnderstanding Cloud-specific Threats