Training Session A: Secure Coding Boot Camp presented at ISSA 2015

by Jim Manico

Summary: The major cause of web insecurity is insecure software development practices. Attendees will earn 8 CPE credits for participating in this highly intensive and interactive course which provides essential application security training for web application, webservice and mobile software developers and architects. Jim’s classes are a combination of lecture, security testing demonstration and code review. Students will learn the most common threats against applications.
Students will learn how to code secure web solutions via defense-based code samples. As part of this course, we will explore the use of third-party security libraries and frameworks to speed and standardize secure development.
Students should bring a basic laptop, tablet or smart phone that can read a PDF. The courseware will be distributed digitally.
Topics:
HTTP Basics, SQL Injection
Authentication
XSS Defense, CSP
Access Control
Cross Site Request Forgery
Applied Crypto Basics
App Layer Intrusion Detection
Webservice/Mobile Security
Applied SSL