Secure programming is the best defense against hackers. This seminar will demonstrate live, real-time hacking methods, analyze the code deficiencies that enabled each attack and, most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your .NET client applications.
The methodology of the cycle of knowledge is as follows: understand, identify, prevent. This methodology gives the student analytical tools to gain a deeper understanding of coding vulnerabilities and to implement security countermeasures in different areas of the software development lifecycle. The demos give the student firsthand experience of the hacker's world and of what can be done to stop an attacker. Using the sound programming techniques and best practices shown in this seminar, you will be able to produce high-quality code that stands up to attack.
The seminar covers major security principles in the .NET framework, programming vulnerabilities, and specific security issues in .NET client applications.
Introduction – Importance of Application Security
Damages of computer break-ins
Understanding the attacker
What is application security, and why is it different from network security?
Common security standards and regulations (OWASP, WASC, PCI, HIPAA, SOX)
Fraud, identity theft and privilege escalation
Phishing & spear phishing
Sensitive information disclosure & data theft
Denial of Service (DoS)
Common Client Side Threats & Vulnerabilities
Decompiling, patching and debugging without source code
Client side authorization
Failure to restrict URL access
WPF/UI based security
Client side DoS
Insecure code loading
Best Practices for Client Side Security
Secure object serialization
Secure traffic enforcement
Blacklist vs. whitelist validation
Regular expressions (Regex)
Client side validations
Sanitizing file names using System.IO.Path.GetFullPath
Events you should log
Events you should not log
Strong name and assembly signing
Locating assemblies with strong name
Basic knowledge of the .NET framework
WinForms / WPF background