Reserve Your Seat! View All Courses

The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications.

Length Days: 3

PREREQUISITES

Students must be well-versed with .NET programming language.

TARGET AUDIENCE

The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET Framework. It is designed for developers who have .NET development skills.

COURSE OBJECTIVES

This course will:

· Familiarize you with .Net Application Security, ASP.Net Security Architecture and help you understand the need for application security and common security threats to .Net framework

· Discuss security attacks on .Net frame work and explain the secure software development life cycle

· Help you to understand common threats to .Net assemblies and familiarize you with stack walking processes

· Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation

· Familiarize you with authorization and authentication processes and common threats to authorization and authentication

· Discuss various security principles for session management tokens, common threats to session management, ASP.Net session management techniques, and various session attacks

· Cover the importance of cryptography in .Net, different types of cryptographic attacks in .Net, and various .Net cryptography namespaces

· Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures

· Describe the principles of secure error handling, different levels of exception handling, and various .Net logging tools

· Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack

COURSE OUTLINE

1 – INTRODUCTION TO .NET APPLICATION SECURITY

2 – NET FRAMEWORK SECURITY

3 – INPUT VALIDATION AND OUTPUT ENCODING

4 – .NET AUTHORIZATION AND AUTHENTICATION

5 – SECURE SESSION AND STATE MANAGEMENT

6 – .NET CRYPTOGRAPHY

7 – .NET ERROR HANDLING, AUDITING, AND LOGGING

8 – .NET SECURE FILE HANDLING

9 – .NET CONFIGURATION MANAGEMENT AND SECURE CODE REVIEW

Download Course Outline

Reserve Your Seat!

Course Inquiry