Certified C# and Web application security Training in Hong Kong

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 3 Days
  • Level: Intermediate
  • Price: From €4,000+VAT

This comprehensive three-day course empowers developers with the skills to secure C# and ASP.NET web applications against common vulnerabilities and advanced cyber threats. Participants will explore core IT security principles, secure coding practices, and .NET-specific security measures. Key topics include SQL injection, cross-site scripting (XSS), authentication flaws, and insecure deserialization, with a focus on how they affect ASP.NET applications.

The course also delves into the .NET framework’s security architecture, emerging issues, and cryptographic techniques. Through hands-on exercises, participants will gain practical experience in applying secure coding practices to real-world scenarios.

Read more +
We can host this training at your preferred location.

Prerequisites

  • General C# development knowledge.
  • Familiarity with web application concepts is beneficial but not mandatory.

Target Audience

  • C# developers building or maintaining web applications.
  • Software engineers seeking to enhance their knowledge of secure coding.
  • IT professionals responsible for application security in .NET-based systems.
Read more +

What You Will Learn

By the end of this course, participants will be able to:

  • Identify and mitigate common web vulnerabilities affecting .NET applications, including OWASP Top Ten issues.
  • Apply secure coding practices in C# to prevent injection attacks, XSS, and insecure deserialization.
  • Utilise the security features of the .NET framework to enhance application security.
  • Strengthen authentication, session management, and access control in ASP.NET applications.
  • Conduct vulnerability assessments using tools like static code analysis and penetration testing frameworks.
  • Apply secure coding principles and follow key guidelines from industry standards such as OWASP and SEI CERT.
Read more +

Outline

Day 1: Introduction to IT security and secure coding

  • Fundamentals of IT security and risk management.
  • Understanding security flaws and their exploitation in cybercrime.
  • Overview of OWASP Top Ten vulnerabilities and secure coding principles.
  • Injections:
    • SQL Injection: Attack methods, blind SQL injection, and prevention using parameterized queries.
    • Command Injection: Detection, prevention techniques, and hands-on exercises.
    • XML Injection: Addressing and mitigating injection risks.
  • Cross-Site Scripting (XSS): Persistent, reflected, and DOM-based XSS attacks with prevention strategies and exercises.

Day 2: Advanced web vulnerabilities and secure coding

  • Authentication and Session Management:
    • Best practices for secure authentication.
    • Common vulnerabilities in session handling, including cookies and JWT tokens.
    • Exercises on securing authentication and sessions.
  • Business Logic Vulnerabilities:
  • Identifying and preventing issues like privilege escalation and payment manipulation.
  • Practical exercises on mitigating business logic flaws.
  • Securing forms and session tokens against CSRF attacks.
  • Prevention techniques with ASP.NET.
  • Addressing path traversal and insecure file upload vulnerabilities.
  • Exercises on secure coding practices.
  • Understanding and mitigating race conditions in multi-threaded environments.
  • Cross-Site Request Forgery (CSRF):
  • File and Path Vulnerabilities:
  • Race Conditions:

Day 3: .NET security and advanced topics

  • .NET Security Architecture:
    • Core security features, including role-based access control and secure error handling.
    • Serialization and deserialization vulnerabilities and their mitigation.
  • Practical Cryptography:
  • Symmetric and asymmetric encryption techniques.
  • Cryptographic APIs in .NET and best practices for key management.
  • In-depth analysis of new vulnerabilities such as insecure deserialization and cookie injection.
  • Tools and techniques for static code analysis, penetration testing, and vulnerability management.
  • Exercises using tools like OWASP ZAP and SQLMap.
  • Applying robust programming principles from Saltzer and Schroeder.
  • Recommended resources and further reading for secure coding practices.
  • Emerging Threats:
  • Security Testing and Vulnerability Management:
  • Principles of Secure Coding:

Exams and Assessments

  • Multiple-choice exam (60 questions, 50% pass mark).
  • The APMG Proctor-U exam is taken online after course completion.
  • Delegates receive individual access to the APMG candidate portal (available two weeks post-exam).
Read more +


Contact us for more detail about our trainings and for all other enquiries!

Avaible Training Dates

Join our public courses in our Hong Kong facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

21 April 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
21 April 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
19 May 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
26 May 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
03 June 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
21 June 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
26 June 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT
08 July 2025 (3 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
€4,000 +VAT

Related Trainings

Certified C# and Web application security Training Course in Hong Kong

Hong Kong is officially known as the Hong Kong Special Administrative Region of the People's Republic of China (HKSAR) and is a city and special administrative region of China on the eastern Pearl River Delta in South China. Hong Kong is one of the most densely populated places in the world, with over 7.5 million population. The official languages of the HKSAR are Chinese and English. Hong Kong is a highly developed territory and ranks fourth on the United Nations Human Development Index and the residents of Hong Kong have the highest life expectancies in the world.

The best time to visit Hong Kong is from September to December, since the temperatures, averaging between 19 to 28 degree Celsius. During this outdoor activities-friendly travelling season, you can take a walk along Victoria Harbour, visit the islands of Lantau, Lamma and Cheung Chau and participate in the Mid-Autumn Festival. Top choices of the tourists to visit in Hong Kong are Big Buddha statue, Wong Tai Sin Temple, Repulse Bay and the Beaches and Hong Kong Disneyland.

Explore our diverse range of IT courses, encompassing programming, software development, cyber security, data science, business skills, and Agile/Scrum. Wherever you are in Hong Kong, our seasoned instructors will bring practical training and expert knowledge to your preferred training venue.
By using this website you agree to let us use cookies. For further information about our use of cookies, check out our Cookie Policy.