Secure Programming Training

> Services for your people > Secure Programming Training

Secure Programming Training

With the amount of security attacks and high-paced agile sprint cycles, securing your software from day 1 is a major cost-saver. When developers know where common security flaws lie and how they can be prevented, the risk of security breaches and costs will be reduced by implementing security features early on. This training focuses on code review and application security.

Why should you attend?

  • Understand and know basic security concepts for secure programming;
  • Gain proper understanding of common vulnerabilities like cross-site scripting and cross-site request forgery;
  • Understand how a hacker uses presented information to learn about and gain unauthorized access to your systems;
  • Know how to prevent common vulnerabilities with a wide range of methods.

This is a very interactive training course with lots of exercises, demonstrations and quizzes to support effective learning.

Who should attend?

This training is suitable for:

  • Developers;
  • Application testers;
  • Software engineers;
  • Technical staff involved in security management

Required Skills & Expertise

This course is intended for developers, who want to learn how to program more secure. Programming skills are required and a basic knowledge regarding the OWASP top 10 is needed.

The duration of this training course is 1 day.

Program

Time

Topic

Description

9:00

Welcome and introduction

9:15

Security awareness for programmers
  • Quick quiz and general security overview
  • Top 10 OWASP vulnerabilities
  • The real cost of "bad" software
  • Security as a process
  • Defence in depth

10:30

Coffee break

10:45

Web application security Part 1
  • GET vs POST requests implications
  • Cross-site Request Forgery (CSRF)
  • Protections
  • User input
  • SQL

12:15

Lunch

13:00

Web application security Part 2
  • Cross-site scripting (XSS)
  • Input validation
  • Protections

14:45

Coffee break

15:00

Software security engineering
  • Architecture and design
  • Code review
  • Security testing
  • Security audits
  • Automated tests

16:15

Language specific examples
  • To show you right and wrong in practise
  • Examples in Java, C, LDAP, JSP

16:40

Final quiz

Let's see what you learned!

17:00

Wrap up with questions and answers

More Information

Are you interested in hosting this interactive and tailored training at your company? Please fill out the form below and we will contact you within one business day.

USP

ABOUT SECURA

Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.

Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.