Secure Coding in .NET Training

Commitment 3 Days, 7-8 hours a day.
Language English
User Ratings Average User Rating 4.8 See what learners said
Delivery Options Instructor-Led Onsite, Online, and Classroom Live


Secure Coding in .NET: ASP.NET/C#/VB.NET provides the most comprehensive approach to developing Secure .NET Applications. This Secure Coding in .NET Training course is designed for ASP.NET and C# developers that require effective, real-world, secure programming skills they can implement immediately at the workplace.

This comprehensive 3-day Secure Coding in .NET | ASP.NET | C# | VB.NET Training course is designed to educate professional programmers on the skills necessary to develop and deploy secure applications as a fundamental element of the entire application development process. You’ll learn which poor programming practices lead to vulnerable code, how to code securely, and how to maintain secure development practices throughout the development life cycle. You’ll sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing, and securing real-world applications.

  • 3 days of Secure Coding in .NET Training with an expert instructor
  • Secure Coding in .NET Electronic Course Guide
  • Certificate of Completion
  • 100% Satisfaction Guarantee



Upon completing this Secure Coding in .NET Training course, learners will be able to meet these objectives:

  • The objective of our Secure Coding in .NET course is to encourage you to take security seriously by demonstrating concrete, hands-on examples of vulnerable code.
  • You will learn which poor programming practices lead to vulnerable code, and how to code securely and maintain secure development practices throughout the SDLC.
  • You will sharpen your skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing, and securing real-world applications.
  • You will be given the opportunity to participate in securing and testing applications through a progression of “challenge scenarios” alternating assignments as “attackers” and “defenders” of applications.
  • We can adapt this Secure Coding in .NET Training course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this Secure Coding in .NET course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the Secure Coding in .NET around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Secure Coding in .NET  course in a manner understandable to lay audiences.

The target audience for this Secure Coding in .NET Training course:

  • .NET Application Developers
  • C# Programmers
  • ASP.NET Developers
  • Managers, Architects, and Technologists involved in deploying .NET applications

The knowledge and skills that a learner must have before attending this Secure Coding in .NET course are:

  • Prior to enrolling in Secure Coding in .NET, students should have roughly 12-24 months of experience working with .NET Applications. Attendees should have an understanding of web applications, and web programming concepts, and experience building web applications using the .NET Framework. A basic understanding of IT security principles is recommended but not required. No advance preparation is required for this session


Secure Coding in .NET Training
  • General Web Application Security Concepts
  • .NET Framework Security Features
  • Input Validation & Encoding
  • Input Driven Attacks
  • Validation Best Practices
  • Output Encoding
  • Common Authentication Weaknesses
  • Authorization Best Practices
  • Controlling Application Access
  • Password Security
  • Session Hijacking & Trapping
  • Protecting User Sessions & Tokens
  • Canonicalization Problems
  • Parameter Manipulation
  • Encryption, Confidentiality & Data Protection
  • Cookie-Based Attacks
  • Protecting Application Variables
  • Error Handling & Logging
  • Attacking via Error Messages
  • Secure Logging & Error Handling
  • Server Configuration & Code Management
  • Common App Server Misconfigurations
  • Protecting Application Code
  • XML Web Services
  • Overview of WSDL, SOAP & AJAX Security
  • Web Service Attacks
  • AJAX Pitfalls
  • Web Service Best Practices
  • Application Threat Modeling
  • Application Context
  • Identifying Attacks, Vulnerabilities & Countermeasures
  • Threat Modeling Tools
  • Cache-Control Issues
  • SSL Best Practices
Secure Coding in .NET TrainingSecure Coding in .NET Training Course Recap, Q/A, and Evaluations