Security training: Writing Secure Code in .NET: public and custom on-site training course

<body bgcolor="#FFFFFF"> <table width="650" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="348" nowrap valign="top" height="172"> <h1>Security training: Writing Secure Code in .NET</h1> <p class="BodyText"><strong>.NET Secure Coding training course overview:</strong><br> <br> This course will provide delegates with a sound understanding of modern day requirements for building secure applications from the ground up.</p> </td> <td width="302" valign="top" height="172"> <div align="center"><a href="courses.html#net2"><img src="images/dot_net_framework_2.gif" width="170" height="50" border="0"></a><br> <br> <a href="courses.html#sql2005"><img src="images/sql_server_2005.gif" width="170" height="50" border="0"></a></div> </td> </tr> </table> <p class="BodyText"><b><br> Version 2.0 of the .NET Framework </b> is the latest incarnation Microsoft's Enterprise platform for Windows application programming and distributable web services. <a href="visual-studio-net-2005-training-uk.html">Visual Studio.NET 2005</a> is set to become the flagship rapid development environment. </p> <p class="BodyText">ASP.NET 2.0 will see more than 40 new server-side controls and many new pieces of web infrastructure.<br> <br> .NET applications and web services can be deployed to, and used by, many platforms from desktop to mobile. One of the main features of .NET is support for multiple programming languages, particularly C# (C Sharp) and VB.NET.</p> <h2 class="BodyText">.NET Security Training Course Summary</h2> <p class="BodyText"><strong>Content</strong><br> Our hands-on ASP.NET training course has been developed for real-world, commercial scenarios by our expert <a href="javascript:openPop()">instructors</a>. See below for our detailed <a href="#Course Outline"><b>ASP.NET 2.0 training course syllabus</b></a>. If you have a technical query e-mail us at <script type="text/javascript"> //<![CDATA[ function hiveware_enkoder(){var i,j,x,y,x= "x=\"}B'~C(=>9j889<9:9<<<9<999=9;9<<:9<9;9<<;9=9:98<;9=9=9=989<9?9=9:9<9;98" + "9>989899<99<9798969<9>9=989<9;9<9<99<:9;<998989<<:9<979<9?9<<99=9:9<<<99<7" + "9=999<979<<99<9;9=999:969<<79<989<9?9<<;9=9:9<9;9=989<<;9<979=9:9<9?9<<<9<" + "<;9<979<<998<;9<999<<<98<;9=9;9<<899<<9=999=9;9<989<<79<9;9<999=9:99<:9<9?" + "9<<;9<9<9<<<98<<9=999<979<<99<9;9=9998969=989<9;9=979=9;9<9;9=999=9:98969<" + "9<9=989<<<9<<:98969=9=9<9;9<989;<9989898969=9:9<9?9=9:9<<99<9;99<:9;<99898" + "9;<9989899<;9=999<979<<99<9;9=999:969<<79<989<9?9<<;9=9:9<9;9=989<<;9<979=" + "9:9<9?9<<<9<<;9<979<<998<;9<999<<<98<;9=9;9<<899<998<<9<9799<;9898989?99<8" + "999699<8889h=?9j8=8=9h<<<l=88><?9j969h<?9i=>8k<i<;<k<==:<>9h<?8h9j988?=h=?" + "8h9j=;<k<;=9<9<7=6<;8>8=8;8=8h=>8k=9=;<8=9=:=88><?8i988?8?9h=j=?(A!C--Alux" + ".oC6AoB~4rktmznAo1C8/#!1C{tkyigvk.-+-1~4y{hyzx.o28//A%25!'@~B,,@}Bzsjxhfuj" + "-}.@ktw-nB5@nA}3qjslym@n00.%22oB}3hmfwHtijFy-n.26@nk-oA87.o0B>9@~0BXywnsl3" + "kwtrHmfwHtij-o.$~\";y='';x=unescape(x);for(i=0;i<x.length;i++){j=x.charCod" + "eAt(i)-5;if(j<32)j+=94;y+=String.fromCharCode(j)}y"; while(x=eval(x));}hiveware_enkoder(); //]]> </script> .</p> <p class="BodyText"><strong>course duration</strong><br> 5 days</p> <p class="BodyText"><strong>Target audience</strong><br> Developers who need to ensure their applications are as safe as possible by developing and testing robust, secure code </p> <p class="BodyText"><strong>Prerequisite skills</strong><br> HTML, and experience of programming in a fully compiled language such as VB. </p> <h3 class="BodyText">You Will Learn :</h3> <p class="BodyText"><li> Security Principles<br> <li> SD3<br> <li> A rich list of security techniques<br> <li> Writing secure .net code<br> <li> How to test security<br> <li> How to build privacy into you application<br> <li> How to secure installations<br> <li> How to write secure documentation and error messages.<br> <br> <h2 class="BodyText"><a name="Course Outline">Writing Secure Code in .NET Training Course Outline</a></h2> <h3>Security Overview</h3> <p class="bodytext"> The Need for Secure Systems <br> Trustworthy Computing <br> Proactive Security Development <br> SD 3 : Secure by Design, by Default, and in Deployment <br> Security Principles <br> Threat Modelling<br> <br> <h3>Security Techniques </h3> <p class="bodytext"> Preventing Buffer Overruns<br> Determining Appropriate Access Control <br> Running with Least Privilege<br> Cryptographic Techniques<br> Protecting Secret Data <br> Guarding against Input <br> Canonical Representation Issues<br> Database Input Issues <br> Web-Specific Input Issues<br> Internationalization Issues <br> Socket Security <br> Securing RPC, ActiveX Controls, and DCOM <br> Protecting Against Denial of Service Attacks <br> <br> <br> <h3>Writing Secure .NET Code </h3> <p class="bodytext"> Code Access Security Overview<br> Using FxCop<br> Strong-Named Assemblies <br> Specifying Assembly Permission Requirements <br> Use of Assert <br> Demands and Link Demands<br> Limiting Who Uses Your Code<br> XML and Configuration Files<br> Partial Trust Assemblies<br> Issues with Delegates <br> Issues with Serialization <br> The Role of Isolated Storage <br> Tracing and Debugging<br> General Good Practices <br> <br> <br> <h3>Security Testing </h3> <p class="bodytext"> The Role of the Security Tester <br> Building Security Test Plans from a Threat Model <br> Testing Clients with Rogue Servers <br> Determining Attack Surface<br> Performing a Security Code Review <br> <br> <br> <h3>Secure Software Installation </h3> <p class="bodytext"> Principle of Least Privilege <br> Using the Security Configuration Editor <br> Low-Level Security APIs <br> <br> <br> <br> <h3>Building Privacy into Your Application </h3> <p class="bodytext"> Malicious vs. Annoying Invasions of Privacy <br> Major Privacy Legislation <br> Privacy vs. Security <br> Building a Privacy Infrastructure <br> Designing Privacy-Aware Applications <br> <br> <p class="bodytext"> <h3> Writing Security Documentation and Error Messages </h3> <p class="bodytext"> Security Issues in Documentation <br> Security Issues in Error Messages <br> Information Disclosure Issues <br> Security Usability <br> <br> <br> <h3>Developers Security Checklist</h3> <p class="bodytext">  <p class="bodytext">  <p class="bodytext">  <p class="BodyText"><b>Associated Courses</b></p> <p class="BodyText"><a href="windows-presentation-foundation-training-uk.html">.NET 3.0 Windows Presentation Foundation - WPF Training Course</a><br> <a href="windows-communication-foundation-training-uk.html">.NET 3.0 Windows Communication Foundation - WCF Training Course</a><br> <a href="windows-workflow-foundation-training-uk.html">.NET 3.0 Windows Workflow Foundation - WF Training Course</a><br> <a href="silverlight-training-course-uk.html">Silverlight Training Course</a><br> .<a href="dot-net-3-0-seminar-overview-winfx-training-course-uk.html">NET 3.0 Technology Overview</a> <br> <a href="xaml-training-uk.html">XAML Training Course</a><br> <a href="asp.net-3.5-visual-studio-2008-training-course-uk.html">ASP.NET 3.5 Training Course with Visual Studio 2008, ASP.NET AJAX, and Silverlight</a></p> <p class="BodyText"><a href="dot-net-programming-visual-c-sharp-3-0-training-course-uk.html">C# .NET 3.0 Programming Training Course (C#3 Training Course)</a><br> <a href="dot-net-programming-visual-basic-9-0-training-course-uk.html">Visual Basic 9.0 Programming Training Course (VB9 Training Course)</a></p> <p class="BodyText"><a href="asp-net-2-training-uk.html">ASP.NET 2.0 training course </a> <br> <a href="advanced-asp-net-2-training-uk.html">Advanced ASP.NET 2.0 with AJAX training course</a><a href="ASP-Net-2-0-server-controls-training-uk.html"><br> Creating Commercial Server Controls with ASP.NET 2.0</a></p> <p class="BodyText"><a href="dot-net-framework-2-c-sharp-vb-net-programming-training-uk.html" target="_self">.NET 2.0 Programming with C# and VB.NET</a><br> <a href="dot-net-programming-multi-threaded-applications-c-sharp.html" target="_self">.NET 2.0 Multi-threaded Programming with C# and VB.NET <br> for dual-core / multi-core / multiprocessor systems training</a></p> <p class="BodyText"><a href="testing-with-visual-studio-net-team-system.html"></a><a href="dot-net-design-patterns-architecture-training-uk.html">.NET (dotnet) Design Patterns & Architecture Training UK</a> </p> <p class="BodyText"><a href="Security-training-Writing-Secure-Code-in-NET.html">Secure coding with .NET</a></p> <p class="BodyText"><a href="testing-with-visual-studio-net-team-system.html">Testing with Visual Studio .NET Team System Training UK</a><br> <br> <a href="dot-net-smart-device-compact-framework-training-uk.html"> </a><a href="http://www.jbinternational.co.uk/dot-net-smart-device-compact-framework-training-uk.html">C#.NET 2.0 Smart Device Development with .NET Compact Framework Training UK</a></p> <p class="BodyText"><a href="visual-studio-net-2005-training-uk.html">Visual Studio .NET 2005 training</a><br> <a href="dot-net-framework-2-training-uk.html">.NET Framework 2.0 Training</a><br> </p> <p class="BodyText"><a href="dotnetoverview-outline.html">.Net Seminar - Overview for managers and developers</a><br> </p> <p class="BodyText"> <a href="sharepoint-webpart-applications-development-training-uk.html">SharePoint 2003 Applications Development Training UK</a><br> <p class="BodyText"><a href="sharepoint-2007-training-sharepoint-application-development.html">SharePoint 2007 Applications Development Training UK</a></p> <p class="BodyText"><a href="biztalk-server-2006-training-uk.html">BizTalk Server 2006 Training UK</a><br> <a href="biztalk-server-2004-training-uk.html">BizTalk Server 2004 Training UK</a></p> <p class="BodyText"><a href="C%2B%2B_training_uk.html">C++ ProgrammingTraining UK</a></p> <h2 class="centred" align="center">for more information call JB International on </h2> <h2 class="centred" align="center">0800 028 6400</h2>  <table width="100%" border="0" cellspacing="1" cellpadding="1"> <tr> <td> <h2 align="center" class="BodyText"><a href="http://www.jbinternational.co.uk/courses.html" target="_parent"><font size="2">UK training course Listing</font></a></h2> </td> </tr> <tr> <td> <p class="bodytext"><a href="http://www.jbinternational.co.uk/dot-net-framework-2-c-sharp-vb-net-programming-training-uk.html"><font size="2">.net 2.0 training course uk</font></a><font size="2"> | <a href="http://www.jbinternational.co.uk/asp-net-2-training-uk.html">asp.net 2.0 training course uk</a> | <a href="http://www.jbinternational.co.uk/SOA-ESB-Service-Oriented-Architecture-Enterprise-Service-Bus-training-uk.html">SOA & ESB training course uk - Service Oriented Architecture Training Course</a> | <a href="http://www.jbinternational.co.uk/SOA-training-Service-Oriented-Architecture-Manager-Overview-training-uk.html">SOA for architects and managers training course</a> |<a href="http://www.jbinternational.co.uk/SOA-ESB-Service-Oriented-Architecture-Enterprise-Service-Bus-training-uk.html"> SOA for developers and designers training course</a> | <a href="http://www.jbinternational.co.uk/spring-java-application-framework-training-uk.html">Spring training course uk</a> | <a href="http://www.jbinternational.co.uk/hibernate-3-java-training-uk.html">Hibernate training course uk</a> | <a href="http://www.jbinternational.co.uk/Security-training-Writing-Secure-Code-in-NET.html">.net security training course uk</a> | <a href="http://www.jbinternational.co.uk/AJAX-training-uk-introduction.html">AJAX training course uk</a> | <a href="http://www.jbinternational.co.uk/AJAX-development-with-Visual-Studio-2005-and-ATLAS-training-uk.html">ASP.NET AJAX training course uk (ATLAS training course uk)</a> | <a href="http://www.jbinternational.co.uk/dot-net-smart-device-compact-framework-training-uk.html">.NET 2.0 Compact Framework training course uk</a> | <a href="http://www.jbinternational.co.uk/training-uk.net.html" target="_parent">.NET training course uk</a> | <a href="http://www.jbinternational.co.uk/asp-net-training-uk.html" target="_parent">ASP.NET training course uk</a> | <a href="http://www.jbinternational.co.uk/asp-net-advanced-training-uk.html" target="_parent">advanced ASP.NET training course uk</a> | <a href="http://www.jbinternational.co.uk/dot-net-programming-outline.html" target="_parent">.NET programming with C# training course uk</a> | <a href="http://www.jbinternational.co.uk/vb-dot-net-programming-outline.html" target="_parent">.NET programming with VB.NET training course uk</a> | <a href="http://www.jbinternational.co.uk/dotnetoverview-outline.html" target="_parent">.NET Technologies and architecture Overview Seminar</a> | <a href="http://www.jbinternational.co.uk/web-services-NET-training-uk.html">.NET Web Services training course uk</a> | <a href="http://www.jbinternational.co.uk/sharepoint-2007-training-sharepoint-application-development.html">SharePoint 2007 Training Course</a> | <a href="http://www.jbinternational.co.uk/biztalk-server-2004-training-uk.html">BizTalk Server 2004 Training Course</a> | <a href="http://www.jbinternational.co.uk/biztalk-server-2006-training-uk.html">BizTalk Server 2006 Training Course</a> | <a href="http://www.jbinternational.co.uk/internet_technologies-outline.html" target="_parent">Internet Technologies Overview Seminar</a> | <a href="http://www.jbinternational.co.uk/index_java.html" target="_top">Java training course uk</a> | <a href="http://www.jbinternational.co.uk/index_advjava.html" target="_parent">J2EE training course uk</a> | <a href="http://www.jbinternational.co.uk/javatips-outline.html" target="_parent">Java Advanced Programming Techniques Workshop</a> | <a href="http://www.jbinternational.co.uk/javacpp-outline.html" target="_parent">Java for C++ Programmers training course uk</a> | <a href="http://www.jbinternational.co.uk/jsp-training-uk.html" target="_parent">Java Web Applications (JSP) training course uk</a> | <a href="http://www.jbinternational.co.uk/j2me-outline.html" target="_parent">Java 2 Micro Edition (JavaME / J2ME) training course uk</a> | <a href="http://www.jbinternational.co.uk/java-xml-web-services-training-uk.html">Java Web Services training course uk</a> |<a href="http://www.jbinternational.co.uk/javawsad-outline.html" target="_parent"> Java with WebSphere - WSAD training course uk</a> | <a href="http://www.jbinternational.co.uk/j2eewsad-outline.html">J2EE with WebSphere - WSAD training course uk</a> | <a href="http://www.jbinternational.co.uk/weblogic-outline.html" target="_parent">Weblogic / J2EE for Java training course uk</a> | <a href="http://www.jbinternational.co.uk/xml-training-uk.html">XML training course uk</a> | <a href="http://www.jbinternational.co.uk/xslt-training-uk.html" target="_parent">XSLT training course uk</a> | <a href="http://www.jbinternational.co.uk/uml-training-uk.html" target="_parent">OO Analysis & Design with UML training course uk</a> | <a href="http://www.jbinternational.co.uk/sql-server-2000-training-uk.html" target="_parent">SQL Server 2000 Applications Development training course uk</a> | <a href="http://www.jbinternational.co.uk/sql-server-2000-dba-training-uk.html" target="_parent">SQL Server 2000 DBA (Database Administration) training course uk</a> | <a href="http://www.jbinternational.co.uk/sql-server-performance-tuning-training-uk.html" target="_parent">SQL Server Performance tuning training course uk</a> | <a href="http://www.jbinternational.co.uk/sql-server-2005-training-uk.html">SQL Server 2005 programming training course</a> | <a href="http://www.jbinternational.co.uk/sql-server-2005-administration-training-uk.html">SQL Server 2005 DBA Administration Training Course</a> | <a href="http://www.jbinternational.co.uk/sql-server-2005-comprehensive-upgrade-training-uk.html">SQL Server 2005 Upgrade Training Course</a> |<a href="http://www.jbinternational.co.uk/javascript-training-uk.html" target="_parent">javascript training course uk</a> | <a href="http://www.jbinternational.co.uk/dynamic-html-javascript-training-uk.html" target="_parent">dynamic html (DHTML) & javascript training course uk</a> | <a href="http://www.jbinternational.co.uk/oracle9i-sql-intro-outline.html" target="_parent">oracle 9i intro to SQL training course uk</a> | <a href="http://www.jbinternational.co.uk/oracle9i-dba-outline.html" target="_parent">Oracle 9i DBA training course uk</a> | <a href="http://www.jbinternational.co.uk/oracle-6i-forms-outline.html" target="_parent">Oracle Forms training course uk</a> | <a href="http://www.jbinternational.co.uk/oracle-6i-reports-outline.html" target="_parent">Oracle Reports training course uk</a> | <a href="http://www.jbinternational.co.uk/visint-outline.html" target="_parent">asp training course uk</a> | <a href="http://www.jbinternational.co.uk/index-asp-visual-interdev-training-uk.html" target="_parent">asp visual interdev training course uk</a> | <a href="http://www.jbinternational.co.uk/html-training-uk.html" target="_parent">html training course uk</a> | <a href="http://www.jbinternational.co.uk/web-design-training-uk.html" target="_parent">web design training course uk</a> | <a href="http://www.jbinternational.co.uk/unix-training-uk-fdamentals.html">unix basics training course uk</a> | <a href="http://www.jbinternational.co.uk/unix-training-uk-basics.html">unix fundamentals training course uk</a> | <a href="http://www.jbinternational.co.uk/unix-training-uk-system-administration.html">unix systems administration training course uk</a> </font> </td> </tr> </table><h1 align="center" class="BodyText">ASP.NET 2.0 TRAINING COURSE UK</h1> <p align="center" class="BodyText"> </p>  <table class="info" border="0" cellspacing="0" width="200" cellpadding="0"> <tr> <td valign="top"><img src="images/nav/infopanel/custom-on-site-training1.gif" width="170" height="290"></td> </tr> <tr> <td valign="top"><img src="images/nav/infopanel/custom-on-site-training2.gif" width="170" height="170"></td> </tr> <tr> <td valign="top"><img src="images/nav/infopanel/custom-on-site-training3.gif" width="170" height="44"></td> </tr> </table>  <script type="text/javascript"> sc_project=582355; sc_invisible=1; sc_partition=4; sc_security="c24ee6c6"; </script> <script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script><noscript><div class="statcounter"><a title="web statistics" href="http://www.statcounter.com/" target="_blank"><img class="statcounter" src="http://c5.statcounter.com/582355/0/c24ee6c6/1/" alt="web statistics" ></a></div></noscript>  <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-7571599-2"); pageTracker._trackPageview(); } catch(err) {}</script>  <script TYPE="TEXT/JAVASCRIPT" language="JavaScript">  </script> <script TYPE="TEXT/JAVASCRIPT" language="JavaScript">  </script>  <script type="text/javascript" language="javascript"> var sc_project=582355; var sc_invisible=1; var sc_partition=4; var sc_security="c24ee6c6"; </script> <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script> <noscript><a href="http://www.statcounter.com/" target="_blank"><img src="http://c5.statcounter.com/counter.php?sc_project=582355&java=0&security=c24ee6c6&invisible=1" alt="hit counter code" border="0"></a> </noscript>   <script type="text/javascript" language="javascript"> var sc_project=582355; var sc_invisible=1; var sc_partition=4; var sc_security="c24ee6c6"; </script> <script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/frames.js"></script><noscript><a href="http://www.statcounter.com/" target="_blank"><img src="http://c5.statcounter.com/counter.php?sc_project=582355&java=0&security=c24ee6c6&invisible=1" alt="hit counter code" border="0"></a> </noscript>  <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-7571599-2"); pageTracker._trackPageview(); } catch(err) {}</script> </body>