The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications.
Length Days: 3
Students must be well-versed with .NET programming language.
The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET Framework. It is designed for developers who have .NET development skills.
This course will:
· Familiarize you with .Net Application Security, ASP.Net Security Architecture and help you understand the need for application security and common security threats to .Net framework
· Discuss security attacks on .Net frame work and explain the secure software development life cycle
· Help you to understand common threats to .Net assemblies and familiarize you with stack walking processes
· Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation
· Familiarize you with authorization and authentication processes and common threats to authorization and authentication
· Discuss various security principles for session management tokens, common threats to session management, ASP.Net session management techniques, and various session attacks
· Cover the importance of cryptography in .Net, different types of cryptographic attacks in .Net, and various .Net cryptography namespaces
· Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures
· Describe the principles of secure error handling, different levels of exception handling, and various .Net logging tools
· Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack