Security testing (Pen Testing) as an activity tends to capture security vulnerabilities at the end of the SDLC and is often too late to be able to influence fundamental changes in the way code is written.
We wrote this class because of the increasing need for developers to code in a secure manner. It is critical to introduce security as a quality component into the development cycle. This class aims at educating developers about various security vulnerabilities through hands-on practice using our purposely developed insecure web application which is hosted on Microsoft’s Azure platform. Throughout this class developers will be able to get on the same page with security professionals, understand their language and learn how to fix or mitigate vulnerabilities learnt during the class.
The techniques discussed in this class are mainly focused on .NET and JAVA technologies owing to their huge adoption in various enterprises in building web applications. However, the approach is generic and developers from other language backgrounds can easily grasp and implement the knowledge learnt in within their own environments.
- Software/Web Developers,
- PL/SQL Developers,
- Penetration Testers,
- Security Auditors,
- DBAs and Security Managers.
N.B. This course meets the requirements of the PCI-DSS standard, specifically the mandated requirement 6.5:
- Prevent common coding vulnerabilities in software development processes by training developers in secure coding techniques and developing applications based on secure coding guidelines - including how sensitive data is handled in memory.