EC-Council Certified Secure Programmer .NET (ECSP.NET)

Course details

This course will be invaluable to software developers and programmers alike to code and develop highly secure applications and web applications. This is done throughout the software life cycle that involves designing, implementing, and deployment of applications. .Net is widely used by almost all organizations as the leading framework to build web applications. The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development lifecycle to improve the overall quality of products and applications. EC-Council Certified Secure Programmer lays the foundation required by all application developers and development organizations to produce applications with greater stability and fewer security risks to the consumer. The Certified Secure Application Developer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains. This course is purposefully built with tons of labs peppered throughout the three days of training, offering participants critical hands on time to fully grasp the new techniques and strategies in secure programming.

General Objectives

• Familiarize you with .Net Application Security, ASP.Net Security Architecture and help you understand the need for application security and common security threats to .Net framework
• Discuss security attacks on .Net framework and explain the secure software development lifecycle
• Help you to understand common threats to .Net assemblies and familiarize you with stack walking processes
• Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation
• Familiarize you with authorization and authentication processes and common threats to authorization and authentication
• Discuss various security principles for session management tokens, common threats to session management, ASP.Net session management techniques, and various session attacks
• Cover the importance of cryptography in .Net, different types of cryptographic attacks in .Net, and various .Net cryptography namespaces
• Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures
• Describe the principles of secure error handling, different levels of exception handling, and various .Net logging tools
• Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack