Our classroom training provides you the opportunity to interact with instructors and benefit from face-to-face instruction.
SECO – Secure Programming Foundation
High quality training from Certified & Industry Experts
Earn 16 PDUs
Course Completion Certificates
Reimbursement guaranteed if you are not satisfied with the training
Extensive documentation provided
Our approach is both practical and inspirational. Our training is carefully designed and tested to develop the key skills and confidence needed while being highly participatory and fun.
The Secure Programming Foundation course is the first level of the SECO – Secure Software certification track.
This introductory course covers the basic concepts of secure programming. The course offers an ideal mix of theory and practice, where practical examples are illuminated with case studies.
The aim of the course is to enable candidates to apply security principles in design and code, detect security problems in software and explain the causes of these problems.
In more detail, candidates should be able to:
- Understand the importance of security in the software life cycle and the logic behind security principles
- Define basic security terms, e.g. STRIDE, attack surface, trust boundaries, password salting, authentication, authorisation, hardening, cryptography
- Understand web application attack surfaces and trust boundaries
- Explain the workings of HTTP requests and header injection
- List password authentication vulnerabilities and relevant countermeasures
- Summarise the security implications of session management and list relevant countermeasures against session fixation
- Identify countermeasures against cross-site request forgery (CSRF) and clickjacking attacks
- Identify and explain countermeasures against injection attacks
- Identify and explain countermeasures against buffer overflows
- Identify and explain countermeasures against cross-site scripting (XSS)
- Identify and explain countermeasures against file upload attacks
- Identify and explain countermeasures against character encoding vulnerabilities
- Understand privilege escalation and list relevant mitigation techniques
- Explain how to secure products by hardening and vulnerability scanning
- Summarise how to prevent side channel attacks
- Summarise how to prevent DoS attacks
- Understand the importance of good error handling practices
- Understand the security risks involved in logging
- Understand symmetric and asymmetric cryptography, Man-in-the-Middle attacks and the pitfalls in SSL/TLS and HTTPS certificates
- Explain how security requirements can/should be identified
- Perform simple threat modelling exercises and identify security requirements for a system
The course covers eight areas of attention:
- Module 1: Secure Programming Awareness
- Module 2: Security from a Technical Point of View
- Module 3: Authentication and Session Management
- Module 4: Handling Input
- Module 5: Authorisation
- Module 6: Configuration, Error Handling and Logging
- Module 7: Cryptography
- Module 8: Secure Software Engineering
Novice or experienced programmers or software developers whose primary activities include:
- developing software,
- testing or auditing software,
- facilitating software development
What does Mangates provide me on the day of the course?
What experience do the instructors have?
All our instructors are Certified & Industry Experts, and they have years of experience in the same field.
Do you provide a group discount for classroom training programs?
We do provide group discounts, such as 10% for a group of 3, 15% for a group of 5 and 20% for a group of 10 people.
If I cancel my enrollment, how can I claim my refund?
You can request a refund by sending an email to firstname.lastname@example.org, and within 7 working days you will get your money back.