Training: Iron-Clad Development : Building Secure Applications presented at AppSecCalifornia 2015

by Jim Manico,

Summary : The major cause of application insecurity is insecure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects.
This class is a combination of lecture, security testing demonstration and code review. Students will learn the most common threats against applications and how to defend against them in a variety of programming frameworks.
The following topics, and more, will be covered.
HTTP Basics
SQL and other Injection
Authentication
XSS Defense
Content Spoofing
HTML Hacking
Access Control
Cross Site Request Forgery
Clickjacking
Applied Crypto Basics
Mobile Security
SDLC Architecture
App Layer Intrusion Detection
Webservice Security
HTML5 Security Considerations
Multi-form Workflow Security Considerations
This course is built for the software developer, but any application security professional wishing to learn more about secure coding techniques will benefit.