Secure programming is the best defense against hackers. This multi-layered hands-on course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your Windows Store Apps.
The methodology of the cycle of knowledge is as follows: understand, identify, prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. Using sound programming techniques and best practices shown in this course, you will be able to produce high-quality code that stands up to attack.
The course covers major security principles in the Windows Store Apps, programming vulnerabilities.
Introduction to Windows Store Apps Security
Windows 8 runtime architecture
.NET for Windows Store Apps
Windows 8 new security features
Windows app certification kit
DACL – Mandatory Integrity Control
Working with files
Protecting Sensitive Data
Introduction to cryptography
Public key cryptography
Introduction to server side attacks
Insecure remote authentication – client ID, IMEI, etc.
Proxies and sniffers
Sensitive information transmission
Importing SSL certificates & trusted CA’s
Bypassing server certificate validations
Exposing insecure traffic
Validating server certificates and avoiding Man-in-the-Middle
Security Best Practices for Building Windows Store Apps
Handling sensitive data
Compile with VS
Minimize app capabilities
Prefer a least privileged app
Validate files, protocols, and imported data
Use HTTPS connections
Don’t allow the loopback interface in production apps
Secrets in code
Assume attackers have source code
Handling untrusted data
Memory corruption and native code
3rd party components Security
.NET logging technologies
Events you should log
Events you should not log
Integration with exception management
Reverse Engineering Windows Store Apps
The problem of reversing & decompilation
Server DLL hijacking
Introduction to MSIL & the CLR
Windows Store Apps application developers
Basic knowledge of the .NET framework
Basic knowledge of WinRT and Windows Store Apps development
Interested in this course? Have any questions?
Let us know and we’ll get back to you…
% Pure Security knowledge!