SANS Training courses

DEV536: Secure Coding: Developing Defensible Applications July 16, 2017

The audit procedure documents for PCI 1.2 tell auditors that they should look for evidence that web application programmers in a PCI environment have had "training for secure coding techniques." The problem that many businesses are facing, however, is, "What is that and where can I get it?" This course packs a thorough explanation and examination of the OWASP top ten issues, which are the foundation of the PCI requirement, into a two day course.

Throughout the course we will look at examples of the types of flaws that secure coding protects against, examine how the flaw might be exploited and then focus on how to correct that code. Coupled with the lectures, there are more than ten hands on exercises where the students will have the opportunity to test out their new skills identifying flaws in code, fixing code and writing secure code. All of the exercises are available in Perl, PHP, C/C++, Ruby and Java. This will allow the student to try their hand at any of the major web application coding languages that they work with in addition to some of the supporting languages that might be at work behind the scenes. Students are not required to be familiar with all of these languages but should be proficient in at least one of them. Lectures are presented using a more or less code-neutral format.

For more information on this course, visit author Dave Hoelzer's Blog:

Students should bring a laptop with their current development environment pre-installed so that they can work through the programming problems in an environment that they are comfortable in. We strongly recommend that the system be well patched in the event that the student chooses to participate in the extensive group exercises that will require a wireless 802.11 adapter. We will provide all of the exercise materials, a fallback development environment, and a virtual Apache appliance on a CD with all of the exercise materials.

Students should have at least several months of coding experience, preferably web application coding experience. It is best if the student is familiar with one of the following languages: Perl, PHP, C, C++, Java or Ruby.

Source: www.sans.org

You might also like

SANS Pen Test: Course SEC504 - Laptop Setup
SANS Pen Test: Course SEC504 - Laptop Setup
PPG Judo Circuit training 10_10 sans matériel.wmv
PPG Judo Circuit training 10_10 sans matériel.wmv
ISRAELI KRAV MAGA/CS Mastering Krav Maga (Volume I) 6 DVD Set -- Self-Defense (Beginner to Advanced)
DVD (ISRAELI KRAV MAGA/CS)
  • • The most up-to-date krav maga from Israel covering more than 275 techniques
  • • Comprehensive real-world training in a hardcore fighting gym
  • • 6 discs covering the essential techniques to defend against all manners of unarmed a
  • • From the IKMA U.S. Chief Instructor and internationally recognized self-defense expert
  • • Author of Krav Maga (St. Martin s Press 2004), Advanced Krav Maga (St. Martin s Press 2008) and Krav Maga Weapon Defenses (YMAA in 2012).
Authenticated 1920 Ad Battle Creek Sanitarium School Nurse Dietitian Physical Training Health - Original Print Ad
Entertainment Memorabilia (Authenticated)
  • Product Type: Original Print Ad; Black / White
  • Grade: Near Mint / Very Fine
  • Dimensions: Approximately 4.75 x 3.5 inches; 12 x 9 cm
  • Authentication: Serial-Numbered Certificates of Authenticity w/ Full Provenance
  • Packaged in custom sleeve w/ archival black board (great for display, gift-giving, and preservation)
Wallmonkeys Wallmonkeys Freefall Parachute Jumpers Approaching the Trident Drop Zone in San Diego Peel and Stick Wall Decals (24 in W x 16 in H)
Home (Wallmonkeys)
  • Highest quality semi-gloss vinyl; Vibrant and bright
  • Pre-cut decals; Simply peel and stick
  • Made in the USA
  • Removable and repositionable with no sticky residue
  • Applies to any smooth surface
Infinite Skills Inc. Hadoop Fundamentals for Data Scientists [Online Code]
Digital Software (Infinite Skills Inc.)
  • Learn Hadoop Fundamentals for Data Scientists from a professional trainer on your own time at your own desk.
  • This visual training method offers users increased retention and accelerated learning.
  • Breaks even the most complex applications down into simplistic steps.
Tacx Tacx Real Life Milan San Remo DVD for Virtual Reality Trainer
Sports (Tacx)
  • The Real Life Videos of Tacx are made for slope/distance training sessions, The speed of the film is influenced by the cycling pace
  • If you are cycling up a mountain, then the brake will give so much resistance that you can actually sense the percentage of incline

Q&A

avatar
Are their any Firearms training course in San Diego? | Yahoo Answers


IMHO, i would always recommend self-studying the official guide of CISSP. the key are those concepts, better spend more time on the essential concepts in the 10 domains. reading through the other parts of the guide is just for better understanding on the essential concepts.
it's not that difficult. i passed my CISSP and CISA after reading the official guide for a few weeks.
participating this kind of training course not only costs you a lot of money, but it also forces you to understand other people understanding on the same concepts defined by the same official guide. why second hand…

avatar
EMT Training in San Francisco - accelerated course? | Yahoo Answers

I'm considering going through an EMT training course to learn the skills (not to work as an EMT). I understand that this involves some hospital and ambulance-ride-along component, which seems like great ways to learn while also helping the community. I've heard that some full-time courses can be...

Latest Stories

  • Application of Video Conferencing
    Application of Video Conferencing

    In our modern world are gaining more and more popularity videoconferencing. With the advancement of technology, we understand...

  • Technical Training Videos
    Technical Training Videos

    Course Description: This class provides an overview for the basic installation and operation of the Keri PXL-500 controllers...

  • Free online classes
    Free online classes

    Looking for a new job? A unique skill could easily set you apart from the hundreds of other applicants. Worked in the same...

  • Conference call Cisco
    Conference call Cisco

    This document describes the steps used to set up a Meet-Me Conference and the details of how to use it in Cisco CallManager...

  • Download Go to Meeting
    Download Go to Meeting

    When you start or join a session, the Control Panel provides you with access to the in-session features and tools that GoToMeeting...

  • Business Administration classes
    Business Administration classes

    Business administration degree programs prepare students to enter the business field. Digital Vision./Digital Vision/Getty...

More

☕ Download mp3 free on mp3zone.
Get SEO optimisation tips

It's Interesting...

  • Various vehicle shipping companies have different payment policies, based on the level of their professionalism. If you are asked the pay the total amount upfront, be on your guard: a truly professional company will usually only ask for a part once the car is shipped, and for the rest upon delivery. The final payment is often done in cash, since that's what truck drivers prefer.

Copyright © . All Rights Reserved