Every day you hear news about a network breach and loss of valuable information. While networks and operating system platforms are becoming more secure, custom application code presents huge vulnerabilities for attackers to exploit. Regardless of whether you need PCI compliance, regulatory compliance, or simply want to protect your systems, this course is essential for your custom application developers.
This course is designed to satisfy section 6.5 of the PCI Data Security Standard, but is also critical for any developer of custom application code. First, we provide an overview of the Open Web Application Security Project (OWASP) Top 10, showing developers what the most common attacks are and how they are perpetrated. Then, we provide concise recommendations on coding techniques to avoid the Top 10 vulnerabilities and to improve overall code quality.
Audience
This course is for experienced JSP or ASP.Net developers.
Length:
Outline
- Overview - Being Security Minded
- Motivations
- The Open Web Application Security Project (OWASP)
- Attackers
- Survey of the OWASP Top Ten Vulnerabilities
- Essential Coding for Security
- Input Validation
- Encoding Output
- Preventing Injection Attacks
- Authorization
- Authentication
- Session Management
- Fraud Detection
- Cookies and Query String Management
- Data Integrity
- Wrap-up