Upcoming Course Dates & Locations: View Schedule
Type of Course: Classroom
Insecure software is one of the biggest threats organizations face today. As hackers turn their attention to the software and applications that make up an organization’s IT infrastructure, the best protection is building secure software and writing secure code.
Understand the key security features of the C++ language, the common security mistakes developers make, and how to build secure and reliable enterprise applications using C++. Students are lead through hands-on code examples that highlight issues and prescribe solutions.
All students are challenged with real-world examples that are reinforced by practical and realistic code-level lab exercises. This course uses Hacme Travel, a client-server application completely written in C++ by Foundstone. Students are required to hack into the application, understand the development and design decisions that introduced those vulnerabilities, and then remediate those security issues on the final day of the class.
All instruction is taught around standard C++. Wherever necessary, platform-specific features (e.g., .NET) are described for completeness.
Implementing traditional security countermeasures is becoming less effective at protecting organizations’ critical assets. Flaws in poorly developed software are open invitations to malicious intruders who are adept at identifying programming flaws. Developers must learn how to avoid introducing vulnerabilities and implement security measures effectively into their code.
Foundstone software security instructors are software developers who have performed hundreds of software audits and code reviews, and have run software security programs at major financial services companies. They managed security programs at the Big Four accounting firms, the United States Air Force, and on Wall Street, and are frequent authors and public speakers.
This course is for professional software developers and software security auditors who have been developing C++ code for at least one year. A comprehensive knowledge of the C++ language and a basic knowledge of either of the commonly used Unix flavors are required.
This course qualifies for up to 32 hours of continuing professional education credits for Certified Information Systems Security Professional (CISSP)/Systems Security Certified Practitioner (SSCP).