Combined C#, C/C++ and Web Application Security Training in Ireland

Serving teams that use managed code (.NET and ASP.NET typically written in C#) together with native code development (typically C/C++), this training gives a comprehensive overview of the security issues in both environments.

Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation.

The course also covers both the various general (like web services) and specific security solutions and tools, and the most frequent and severe security flaws of managed code, dealing with both language-specific issues and the problems stemming from the runtime environment. The vulnerabilities relevant to the ASP.NET platform are detailed along with the general web-related vulnerabilities following the OWASP Top Ten list. The course consists of a number of exercises through which attendees can easily understand and execute attacks and protection methods.

C/C++, C# and web application developers, architects and testers. 

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn about XML security
• Learn client-side vulnerabilities and secure coding practices
• Learn to use various security features of the .NET development environment
• Have a practical understanding of cryptography
• Realize the severe consequences of unsecure buffer handling in native code
• Understand the architectural protection techniques and their weaknesses
• Realize the severe consequences of unsecure buffer handling
• Learn about typical coding mistakes and how to avoid them
• Get sources and further readings on secure coding practices

• IT security and secure coding
• Web application security (OWASP Top Ten 2017)
• Client-side security
• .NET security architecture and services
• Practical cryptography
• x86 machine code, memory layout and stack operations
• Buffer overflow
• Some additional native code-related vulnerabilities
• Common coding errors and vulnerabilities
• Principles of security and secure coding
• Knowledge sources