Secure Coding for PCI DSS
Graded: Secure Coding for PCI DSS
1 Question
Top

Secure Coding for PCI DSS

AppSec 105 - Secure Coding for PCI DSS

About this course

Secure Coding for PCI DSS

a
Instructor:Fabio Cerullo
Next Scheduled Course:
TBC Live Online €700 (1 day)

 

 

The Payment Card Industry Data Security Standard (PCI DSS) enhances cardholder data security. It defines a common set of rules and controls to ensure greater consistency of data security measures. Applications that process card data must be secure. Developers need to understand PCI DSS requirement 6.5, how to identify vulnerabilities and how a hacker may try to take advantage of a weakness. Specific knowledge and skills helps developers to code defensively and meet the secure coding and application security standards required by PCI DSS.

Why Secure Coding for PCI DSS?

  • The Payment Card Industry Data Security Standard (PCI DSS) requires that organisations developing applications that handle card data secure their software against common vulnerabilities. As part of this, PCI DSS compliant organisations that process card payments and/or cardholder data need to train their software developers in secure coding techniques.
  • Our PCI Secure Development training aims to provide developers with an understanding of the issues highlighted in PCI DSS requirement 6.5. They will then get an in-depth review of the various types of threats against systems, and learn the skills required to recognize software vulnerabilities and implement the processes and measures associated with the security development lifecycle (SDL)

Group discount available – Contact Us for more information

About this course

Objectives

This course aims to provide the knowledge and resources required to improve the security of applications following a secure development lifecycle (SDL) process.
For additional security training please see the “Further Training” tab.

Overview

The topics covered include:

  • General Application Security Concepts
  • Identify security vulnerabilities in code (OWASP Top 10)
    • Injection
    • Broken Authentication
    • Sensitive Data Exposure
    • XML External Entities (XXE)
    • Broken Access Control
    • Security Misconfiguration
    • Cross-Site Scripting (XSS)
    • Insecure Deserialization
    • Using Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring
  • Implement Security Controls 
  • Implement the processes and measures associated with the security development lifecycle (SDL).

Duration: 1 day (8 hours)

Attendee Profile

The course is intended for Developers and Software Architects (any level).

Materials
  • Soft copy of tools & presentation slides
  • Certificate of Participation (CPE Points)
Related Training

Course Curriculum

Graded: Secure Coding for PCI DSS
1 Question