Certified Secure Programmer .Net | ECSP Course

ECSP

EC-Council Certified Secure Programmer .Net (ECSP) Course

iLearn Self-Paced Base package includes:

  • Instructor led training modules (1 year access)
  • Official e-courseware (1 year access)
  • iLabs access (6 Months Access)
  • Certificate of Completion for each course
  • Exam Voucher

Ask about our group bundles and discounts

$999.00 Add to cart

Course Description

Software defects, bugs, and flaws in the logic of the program are consistently the cause for software vulnerabilities. Analysis by software security professionals has proven that most vulnerabilities are due to errors in programming. Hence, it has become a must for organizations to educate their software developers about secure coding practices.

Attackers try to find security vulnerabilities in the applications or servers and then try to use these vulnerabilities to steal secrets, corrupt programs and data, and gain control of computer systems and networks. Sound programming techniques and best practices can be used to develop high quality code to prevent web application attacks. Secure programming is a defensive measure against attacks targeted towards application systems.

This course will be invaluable to software developers and programmers alike to code and develop highly secure applications and web applications. This is done throughout the software life cycle that involves designing, implementing, and deployment of applications.

.Net is widely used by almost all organizations as the leading framework to build web applications.

The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications.

EC-Council Certified Secure Programmer lays the foundation required by all application developers and development organizations to produce applications with greater stability and fewer security risks to the consumer. The Certified Secure Application Developer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains.

This course is purposefully built with tons of labs peppered throughout the three days of training, offering participants critical hands on time to fully grasp the new techniques and strategies in secure programming.

Course Overview

ECSP Course Demo

Meet your Instructor:

iLabs Demo:

This course will:

  • Familiarize you with .Net Application Security, ASP.Net Security Architecture and help you understand the need for application security and common security threats to .Net framework
  • Discuss security attacks on .Net frame work and explain the secure software development life cycle
  • Help you to understand common threats to .Net assemblies and familiarize you with stack walking processes
  • Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation
  • Familiarize you with authorization and authentication processes and common threats to authorization and authentication
  • Discuss various security principles for session management tokens, common threats to session management, ASP.Net session management techniques, and various session attacks
  • Cover the importance of cryptography in .Net, different types of cryptographic attacks in .Net, and various .Net cryptography namespaces
  • Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures
  • Describe the principles of secure error handling, different levels of exception handling, and various .Net logging tools
  • Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack

Students in this course will acquire knowledge in the following areas:

  • .Net framework security features and various secure coding principles
  • .Net framework run time security model, role-based security, code access security (CAS), and class libraries security
  • Various validation controls, mitigation techniques for validation control vulnerabilities, defensive techniques for SQL injection attacks, and output encoding to prevent input validation attacks
  • Defensive techniques against session attacks, cookie security, and View State security
  • Mitigating vulnerabilities in class level exception handling, managing unhandled errors, and implementing windows log security against various attacks
  • Defensive techniques against path traversal attacks and defensive techniques against canonicalization attack and file ACLs
  • Mitigating vulnerabilities in machine config files, mitigating the vulnerabilities in app config files, and security code review approaches
  • The importance of secure programmers and certified secure programmers, the career path of secure programmers, and the essential skill set of secure programmers

Course Outline

  • Introduction to .NET Application Security
  • .NET Framework Security
  • Input Validation and Output Encoding
  • .NET Authentication and Authorization
  • Secure Session and State Management
  • .NET Cryptography
  • .NET Error Handling, Auditing, and Logging
  • .NET Secure File Handling
  • .NET Configuration Management and Secure Code Review

Training Methods

iLearn Self-Paced Online Security Training

iLearn is EC Council’s facilitated self-paced option. Facilitated in that all of the same modules taught in the live course are recorded and presented in a streaming video format. Self-paced in that a certification candidate can set their own learning pace by pausing the lectures and returning to their studies as their schedule permits!

The base iLearn package includes:

One Year Access to the official e-courseware, 6 months access to EC-Council’s official Online lab environment (iLabs) with all tools pre-loaded into platform, Certification Voucher & expert instructor-led training modules with streaming video presentations, practice simulators and learning supplements including official EC-Council Courseware for an all-inclusive training program that provides the benefits of classroom training at your own pace.

In an effort to keep our base package affordable in this tough economy, the iLearn pricing structure was designed to provide the most amount of training for the least amount of budget. However, we realize that everyone learns differently, so we have added popular upgrade options such as tablets, DVDS, Additional Labs, or physical courseware.


$999.00 Add to cart

Live, Online, Instructor-led

Live,Online courses delivered Live, Online by a Certified EC-Council Instructor! Courses run 8 am to 4 pm Mountain time, Monday thru Friday.

Training Includes:

  • Official Courseware
  • iLabs, Online Labs (6 Months Access)
  • Certification Exam Voucher
  • Test Prep Program

Request Information

Client-Site

EC-Council can bring a turn-key training solution to your location. Call for a quote. Training Includes:

Training Includes:

  • Official Courseware
  • iLabs, Online Labs (6 Months Access)
  • Certification Exam Voucher
  • Test Prep Program
  • Test Pass Guarantee

Request Information

Courseware Only

We recognize that some folks have the background and experience to forgo training, so official courseware is available for self-study.

*Cost includes shipping

Note: The exam runs $650 with $100 application fee.


Request Information