COD 715: Creating Secure Code - .NET (C#)

Live Training English
Duration: 2 days | Course is offered in English

Course Description

Secure coding is the process of reducing the susceptibility of .NET code to vulnerabilities. This course gives developers an in-depth immersion into secure coding practices, with an emphasis on the security features and pitfalls of the .NET programming environment. It also introduces the concept of Threat Modeling, which is a highly regarded risk mitigation technique to secure development. To complement the knowledge and techniques presented, this course includes hands-on labs on implementing secure solutions in .NET and real-world examples of how to find, fix, and prevent vulnerabilities. 

The course wraps up with a complete description of the Secure Development Lifecycle and the requirements for integrating a security-driven process into development.

At the end of this course, participants will be able to:

  • Identify common security issues and attack vectors in all applications
  • Understand the specific security features available in the Windows and .NET platforms
  • Understand and implement secure design and development techniques
  • Implement best practices for securely developing .NET applications and protecting data

Modules Covered

Introduction

  • The underlying cause of software vulnerabilities and the impact they can have on an organization
  • The difficulties in integrating improved security in an environment with opposing goals
  • Software failures, the requirement for security at the application layer, compliance issues, and the goals of a security improvement system

Common Coding Errors 

  • Common coding and design errors that result in security vulnerabilities and root cause analysis
  • Techniques for identifying and avoiding the errors to improve software security

Windows Security Architecture 

  • The security features of the Windows and .NET platforms
  • How these security features can be used to improve software security and potential problems that can occur through their use

Common Web Application Errors 

  • Common security vulnerabilities found in web applications and the risk they carry

Defensive Coding Principles

  • Coding principles that help in the design and development of secure software
  • How to apply principles correctly so that they provide a foundation for development standards and result in fewer vulnerabilities
  • Pitfalls to avoid and methods that will prevent and remediate security vulnerabilities

Threat Modeling

  • Overview of the threat modeling process
  • Techniques that can be applied from requirements and planning through implementation