Upcoming Course Dates & Locations: View Schedule
Type of Course: Classroom
Insecure software is one of the biggest threats organizations face today. As hackers turn their attention to the software and applications that make up an organization’s IT infrastructure, the best protection is building secure software and writing secure code.
Understand the key security features of the .NET platform, the common web security mistakes developers make, and how to build secure and reliable web applications using ASP.NET. Students are lead through hands-on code examples that highlight issues and prescribe solutions.
All students are challenged with real-world examples that are reinforced by practical and realistic code-level lab exercises. This course uses Hacme Bank, a web security training application written by Foundstone. Students are required to fix known issues during the first three days in labs and then renovate the entire bank’s code during the final workshop day. This class focuses on the fundamentals of the ASP.NET framework, covering all versions of the .NET framework up to ASP.NET 3.5.
Implementing traditional security countermeasures is becoming less effective at protecting organizations’ critical assets. Flaws in poorly developed software are open invitations to malicious intruders who are adept at identifying programming flaws. Developers must learn how to avoid introducing vulnerabilities and implement security measures effectively into their code.
Foundstone software security instructors are software developers who have performed hundreds of software audits and code reviews, and have run software security programs at major financial services companies. They have managed security programs at the Big Four accounting firms, the United States Air Force, and on Wall Street, and are frequent authors and public speakers.
This course is for professional software developers or software security auditors who have been working with the .NET framework and developing ASP.NET C# code for at least one year. A comprehensive knowledge of the .NET framework, the C# language, and web technology is required.
This course qualifies for up to 32 hours of continuing professional education credits for Certified Information Systems Security Professional (CISSP)/Systems Security Certified Practitioner (SSCP).