Secure Coding in .Net
Graded: Secure Coding in .Net
1 Question

Secure Coding in .Net

AppSec 103 - Secure Coding in Net

About this course

AppSec 103 - Secure Coding in Net

Secure Coding in .Net

Instructor:Fabio Cerullo
Next Scheduled Course:
TBC Live Online €500 (1 day)



The .NET framework provides unprecedented flexibility and productivity to web application developers. Many applications allow access to critical and confidential resources and this has made them popular targets for attack. Application developers are responsible for understanding the limitations of the .NET framework and adopting best practices to ensure that their code is secure.

About this course


This course aims to provide the knowledge and resources required to improve the security of Web applications developed using the .NET Framework. This course is designed to educate developers on the skills necessary to build and deploy secure .NET applications following a Secure Development Lifecycle (SDL) process.

It is recommended that participants on the Web Application Secure Coding in .Net have completed the Web Application Security Essentials course. Please see “Related Training” below.


The course is aligned with the OWASP Top 10, a world-renowned reference document which describes the most critical web application security flaws.

The topics covered include:

  • General Web Application Security Concepts
  • .NET Framework Security Features
  • Identify security vulnerabilities in code (OWASP Top 10, SANS 25)
  • Implement Security Controls
  • Authentication
  • Session Management
  • Access control
  • Input validation
  • Output encoding/escaping
  • Cryptography
  • Error handling and logging
  • Data Protection
  • HTTP security
  •  Incorporate security into the development process

Format: The course combines theory and hands-on practical exercises. The participants learn to identify vulnerabilities in a purposely-developed .Net application and fix them using secure coding best practices. This provides an ideal ‘real-life’ opportunity to exploit these vulnerabilities using different open source tools and techniques in a safe environment.

Duration: 1 day (8 hours)

Attendee Profile

The course is designed for:

• Software Developers
• Quality Assurance professionals
• System Architects
• Information Security Professionals

  • Printed materials
  • Virtual image containing all tools used
  • Certificate of Participation (CPE Points)
Related Training

Course Curriculum

Graded: Secure Coding in .Net
1 Question