Secure Programmer Expert - .Net

Secure programming is the practice of developing applications in a way that prevents the introduction of security vulnerabilities and cyber criminals. By implementing the secure practices, the developer can avoid bugs and remove vulnerabilities that can be exploited by hackers. Star Secure Programmer Expert – .NET is a detailed course that helps the learner to identify and address the various bugs, defects and logic flaws in a computer program. These defects leave the program vulnerable to various kinds of threats.

The SSPE-.NET program is intended for programmers who are responsible for designing and building secure programs for the web, desktop and mobile on Microsoft .NET programming platform.

Audience

• Intermediate

Course Objectives

In this course, you will learn about:

• Security features of the .NET programming language
• .NET runtime security model and code access
• Securing the .NET code by applying secure code development practices
• Validation controls and associated vulnerabilities
• SQL injection mitigation
• Error handling to control attacks
• Tracing the attack through logs
• Path traversal attacks and canonicalization attack
• Security tools and policies
• Cryptography security model

Course Outcome

After competing this course, you will be able to:

• Understand the security features of .NET programming
• Design web application security
• Apply secure code development practices and develop a secure .NET application
• Explain different validation controls and understand how they can help secure your application
• Manage class-level exceptions to control attacks
• Secure system and application config files
• Test and review the code
• Explain best practices for managed and unmanaged code
• Understand cryptography security model

Table Of Contents Outline

• Introduction to Star Secure Programmer Expert – .NET
• Explore .NET Security Features
• Explore Security Principles Associated with .NET
• Designing Web Application Security
• Explore .NET Runtime Security Model, Code Access and Role Based
• Adding Various Validation Controls to Secure Your Application
• Controlling the Vulnerabilities Associated with Validation Controls
• SQL Injection Mitigation
• Applying Security to Control, Session Attacks, Cookie Security, and View State Security
• Class Level Exception Handling to Control Attacks, Error Handling
• Maintaining Logs to Trace the Attacks
• Controlling Path Traversal Attacks and Canonicalization Attack
• Managing ACLs
• Securing Machine Config files, App Config Files
• Testing and Reviewing the Code
• Best Coding Practices for Managed and Unmanaged Code
• Implementing Security Tool and Policies
• Cryptography Security Model