Secure Programming Training

... > Training Courses > Secure Programming Training

Secure Programming Training

With the amount of security attacks and high-paced agile sprint cycles, securing your software from day 1 is a major cost-saver. When developers know where common security flaws lie and how they can be prevented, the risk of security breaches and costs will be reduced by implementing security features early on. This training focuses on code review and application security.

Why should you attend?

  • Understand and know basic security concepts for secure programming;
  • Gain proper understanding of common vulnerabilities like cross-site scripting and cross-site request forgery;
  • Understand how a hacker uses presented information to learn about and gain unauthorized access to your systems;
  • Know how to prevent common vulnerabilities with a wide range of methods.

This is a very interactive training course with lots of exercises, demonstrations and quizzes to support effective learning.

Who should attend?

This training is suitable for:

  • Developers;
  • Application testers;
  • Software engineers;
  • Technical staff involved in security management

Required Skills & Expertise

This course is intended for developers, who want to learn how to program more secure. Programming skills are required and a basic knowledge regarding the OWASP top 10 is needed.

The duration of this training course is 1 day.

Program

Time

Topic

Description

9:00

Welcome and introduction

9:15

Security awareness for programmers
  • Quick quiz and general security overview
  • Top 10 OWASP vulnerabilities
  • The real cost of "bad" software
  • Security as a process
  • Defence in depth

10:30

Coffee break

10:45

Web application security Part 1
  • GET vs POST requests implications
  • Cross-site Request Forgery (CSRF)
  • Protections
  • User input
  • SQL

12:15

Lunch

13:00

Web application security Part 2
  • Cross-site scripting (XSS)
  • Input validation
  • Protections

14:45

Coffee break

15:00

Software security engineering
  • Architecture and design
  • Code review
  • Security testing
  • Security audits
  • Automated tests

16:15

Language specific examples
  • To show you right and wrong in practise
  • Examples in Java, C, LDAP, JSP

16:40

Final quiz

Let's see what you learned!

17:00

Wrap up with questions and answers

More Information

Are you interested in hosting this interactive and tailored training at your company? Please fill out the form below and we will contact you within one business day.

USP

Why choose Secura | Bureau Veritas

At Secura/Bureau Veritas, we are dedicated to being your trusted partner in cybersecurity. We go beyond quick fixes and isolated services. Our integrated approach makes sure that every aspect of your company or organization is cyber resilient, from your technology to your processes and your people.

Secura is the cybersecurity division of Bureau Veritas, specialized in testing, inspection and certification. Bureau Veritas was founded in 1828, has over 80.000 employees and is active in 140 countries.