Secure Coding - Secure application development
- Descrição
- Currículo
- FAQ
- Revisões
The course is suitable for programmers, project managers or software architects and provides indications on the methodological bases, standards (as Owasp best practices) and tools for developing secure code, avoiding the inclusion of bugs or vulnerabilities in the programs. Various practical workshops are carried out to support the theoretical treatment, which show the use of the tools and the mitigation of some of the vulnerabilities most frequently found in web or desktop applications.
-
3
Software development lifecycleTechniques, methodologies and tools available in the software development life cycle to increase the security of the developed applications.
-
4
Risk analysis
Risk analysis and asset vulnerability research
-
5
Threat modeling
-
6
Threat modeling - exercise
-
7
SAST (Static Application Security Testing) tools
-
8
The OWASP community
The methodologies and guidelines of OWASP (Open Web Application Security Project) for the secure development of applications
-
9
Guidelines for secure coding
-
10
Verification test
-
15
Secure Coding guidelines for input validation
-
16
SQL Injection vulnerability
-
17
SQL Injection vulnerability Lab
-
18
LDAP and XPath Injection vulnerabilities
-
19
Cross-Site Scripting (XSS) vulnerability
-
20
Cross-Site Scripting (XSS) vulnerability Lab
-
21
OS Command Injection vulnerability
-
22
OS Command Injection vulnerability Lab
-
23
LFI (Local File Inclusion) and RFI (Remote File Inclusion) vulnerabilities
-
24
LFI / RFI vulnerabilities Lab
-
25
Unvalidated File Upload vulnerability
-
26
Unvalidated File Upload vulnerability Lab
-
27
Buffer Overflow vulnerabilities
-
28
XXE (XML External Entities) Vulnerabilities
-
29
XXE (XML External Entities) Lab
-
30
Insecure Deserialization
-
31
Verification test
