Course Secure C# Web Development

The course Secure C# Web Development covers how C# web applications can be optimally secured and the best practices therein. Attention is paid to the top 10 OWASP security vulnerabilities, their consequences, their prevention and also how security can be implemented programmatically.

  • Content
  • Training
  • Modules
  • General
  • Reviews
  • Certificate
  • Course Secure C# Web Development : Content

    Intro Security

    The course Secure C# Web Development starts with a discussion of the main security risks as identified by the Open Worldwide Application Security Project (OWASP).

    Broken Access Control

    Subsequently security risks associated with access control through authentication and authorization are treated. Role Based Access Control, Access Control Lists and the implementation of Session Management are the topics that are covered.

    Cryptographic Failures

    Security problems with encryption are also on the course schedule. Attention is paid to problems with the use of weak keys, hard coding of secrets, insufficient verification of signatures and possible side-channel attacks.

    Injection risks

    An important security threat is the various forms of injection that are lurking. SQL Injection, Cross-Site Scripting and XPath injection are discussed, as well as prevention measures.

    Incorrect Design

    Then attention is paid to security problems that are the result of incorrect design, such as the lack of input validation and unsafe session management. Insufficient protection against Cross Site Request Forgery is treated as well.

    Configuration Errors

    Errors in the configuration can lead to security problems also. Various examples of this, such as the use of default credentials and weak password policies, are covered.

    Obsolete Components

    Security risks resulting from components that are no longer up to date, incorrectly configured or malicious packages and cryptographic weaknesses, are also on the program of the course Secure C# Web Development.

    Authentication errors

    Attention is also paid to common errors in authentication, such as weak password policies, overly permissive access controls and the lack of multi-factor authentication. And finally security flaws in monitoring and logging are discussed.

  • Course Secure C# Web Development : Training

    Audience Course Secure C# Web Development

    The course Secure C# Web Development is intended for C# Developers who want to learn how to protect C# applications with the best security practices.

    Prerequisites Course Secure C# Web Development

    Experience with the fundamentals of the C# language is required to participate in this course. Affinity with security concepts is helpful in understanding.

    Realization Training Secure C# Web Development

    The course Secure C# Web Development has a hands-on character. The theory is alternated with practical exercises and is explained using presentation slides.

    Certification course Secure C# Web Development

    After successfully completing the training, participants receive a certificate of participation in the course Secure C# Web Development.

    Secure C# Web Development
  • Course Secure C# Web Development : Modules

    Module 1 : OWASP Top 10

    Module 2 : Broken Access Control

    Module 3 : Cryptographic Failures

    Secure Coding practices
    Never trusting Input
    SQL injection and NoSQL injection
    OS command injection
    Broken Authentication
    Session Fixation
    Cross Site Scripting
    Cross Site Request Forgery
    Insecure Deserialization
    Implement Proper Authentication
    Role Based Access Control (RBAC)
    Implement Use Session Management
    Session Timeout
    Access Control Lists (ACLs)
    Principle of Least Privilege (PoLP)
    URL and API Authorization
    Error Handling
    Regular Security Testing
    Weak Key Generation
    Insecure Storage of Keys
    Using Outdated Algorithms
    Hardcoding Secrets
    Insufficient Key Management
    Using Homegrown Cryptography
    Failure to Verify Signatures
    Side-Channel Attacks
    Lack of Forward Secrecy

    Module 4 : Injection Flaws

    Module 5 : Insecure Design

    Module 6 : Configuration Failures

    SQL Injection (SQLi)
    Cross-Site Scripting (XSS)
    Command Injection
    XML Injection
    LDAP Injection
    XPath Injection:
    SSI Injection (Server-Side Includes)
    Object Injection
    Template Injection
    CRLF Injection
    Inadequate Authentication
    Lack of Input Validation
    Excessive Data Exposure
    Insecure Session Management
    Hardcoding Secrets
    Insufficient Authorization
    Insecure Data Storage
    Cross-Site Request Forgery (CSRF)
    Insecure File Uploads
    Improper Error Handling
    Improper Access Control
    Unsecured APIs
    Open Database Ports
    Default Credentials
    Unused or Unnecessary Features
    Weak Password Policies
    Missing Security Updates
    Improper Access Permissions
    Insecure Session Management
    Excessive Error Detail

    Module 7 : Outdated Components

    Module 8 : Authentication Mistakes

    Module 9 : Logging and Monitoring

    Known Vulnerabilities
    Malicious Packages
    License Compliance
    Misconfigured Packages
    Dependency Chains
    Cryptographic Weaknesses
    Data Privacy and Compliance
    Resource Exhaustion
    Insecure Configuration Defaults
    Weak Password Policies
    No Account Lockout Mechanism
    Inadequate Password Storage
    Hardcoding Credentials
    Lack of Multi-Factor Authentication
    Missing CAPTCHA or Rate Limiting
    Overly Permissive Access Controls
    Insecure Remember-Me Functionality
    Hostname Verification
    Insufficient Logging
    Lack of Centralized Logging
    Logging Sensitive Information
    Inadequate Log Retention
    Unencrypted Logging
    Insufficient Access Controls
    Failure to Monitor Logs in Real-Time
    No Alerts or Notifications
    Ignoring Anomalous Activity
  • Course Secure C# Web Development : General

    Read general course information
  • Course Secure C# Web Development : Reviews

  • Course Secure C# Web Development : Certificate