Online
Secure Coding For C# Developers (January 2023 - 3 days)
In the Secure Coding for C# Developers course, students get familiar with security principles, in particular concepts that are relevant for C# programmers. This course takes students through the security issues intrinsic to the C# programming languages and associated libraries. The course consists of two parts, a theoretical lecture-based part providing the basics around various topics like security in general, cryptography, authentication & authorization, injection attacks and secure coding, as well as a hands-on practical part. After this course, the participants will be able to develop robust and secure C# applications.
This event took place on Tuesday, January 24, 2023.
Course Dates: January 24 - 26, 2023 (3 days)
Course Fee: $1,995 U.S.
In the Secure Coding for C# Developers course, students get familiar with security principles, in particular concepts that are relevant for C# programmers. This course takes students through the security issues intrinsic to the C# programming languages and associated libraries. The course consists of two parts, a theoretical lecture-based part providing the basics around various topics like security in general, cryptography, authentication & authorization, injection attacks and secure coding, as well as a hands-on practical part. After this course, the participants will be able to develop robust and secure C# applications.
The theoretical part covers the following areas:
Introduction to Cyber Security
- Cyber attacks
- Types of attacks
- Cyber security 101
Introduction of Cryptography
- Encryption
- Hashing
- Signatures
- Public-Key infrastructures
- SSL / TLS
Introduction to Authentication and Authorization
- Authorization concepts in general
- Session management
- Password handling and management
- Multi-factor Authentication
Injection Attacks
- SQL injection
- Command injection
- LDAP injection
- Cross site scripting (XSS)
Introduction to Secure Coding and Motivation
- History and security incidents in the past
- Common pitfalls
- Software dependencies
- etc.
Secure Coding Best Practices in C#
- Security best practices
- Proper usage of types
- Encapsulation
- Code signing
- Input data sanitization
- Logging
- Concurrency / multithreading
- Exception handling
- Data serialization and deserialization
- Security libraries and fameworks
API Security Considerations
- Security best practices
- GraphQL
Wrap up
- Code reviews
- Static code analysis
- Dynamic Code analysis / testing
- Secure software development process
About the Labs for this Course
The practical part of this course will deepen the knowledge of the attendees and consist of multiple hands-on exercises allowing them to strengthen and practice the theoretical skills that they learn in this course:
- Vulnerability discovery and exploitation: This part of the course relates to the identification and exploitation of an actual vulnerability within a vulnerable backend application written in C#. CODE Training created a vulnerable application to demonstrate common security errors and remediation as part of the hands-on exercises for this course.
- Remediation and mitigation: The hands-on labs requires the attendees to apply the knowledge from this course and requires them to remediate the vulnerabilities within the backend application.