Secure Code培训

Secure Code大纲

代码 名字 期限 概览
cl-osc The Secure Coding Landscape 14小时 The course introduces some common security concepts, gives an overview about the nature of the vulnerabilities regardless of the used programming languages and platforms, and explains how to handle the risks that apply regarding software security in the various phases of the software development lifecycle. Without going deeply into technical details, it highlights some of the most interesting and most aching vulnerabilities in various software development technologies, and presents the challenges of security testing, along with some techniques and tools that one can apply to find any existing problems in their code. Participants attending this course will  Understand basic concepts of security, IT security and secure coding Understand Web vulnerabilities both on server and client side Realize the severe consequences of unsecure buffer handling Be informated about some recent vulnerabilities in development environments and frameworks Learn about typical coding mistakes and how to avoid them Understand security testing approaches and methodologies Audience Managers Agenda Introduction IT security and secure coding Security challenges of various platforms – highlights – C/C++ (native code) secure coding Web application security Java platform security Challenges of security testing
devopssecurity DevOps Security: Creating a DevOps security strategy 7小时 DevOps is a software development approach that aligns application development with IT operations. Some of the tools that have emerged to support DevOps include: automation tools, containerization and orchestration platforms. Security has not kept up with these developments. In this course, participants will learn how to formulate the proper security strategy to face the DevOps security challenge. Audience     Devops engineers     Security engineers Format of the course     Part lecture, part discussion, some hands-on practice Introduction     How DevOps creates more security risk for organizations         The price of agility, speed and de-centralized control Inadequacies of traditional security tools     Security policies     Firewall rules     Lack of APIs for integration     Lack of visualization tools Implementing a DevOps-ready security program Aligning security with business goals Removing the security bottleneck Implementing detailed visibility Standardizing security configurations Adding sensors into the application     Interactive Application Security Testing     Runtime Application Self-Protection Providing security data to DevOps tools through RESTful APIs On-demand scaling, micro-perimeterization of security controls Per-resource granular security policies Automating attacks against pre-production code Continually testing the production environment Protecting web applications from an Agile/DevOps perspective Securing containers and clouds Embracing next generation automated security tools The future of DevOps and its strategic role in security Closing remarks
embeddedsecurity Embedded systems security 21小时 This training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems. By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software. Audience     Embedded systems professionals     Security professionals Format of the course     Part lecture, part discussion, hands-on practice Introduction     Security vs embedded systems security Characteristics of embedded application security     Embedded network transactions     Automotive security     Android devices     Next-generation software-defined radio Critical aspects of an embedded system     Microkernel vs monolith     Independent security levels     Core security requirements     Access control     I/O virtualization Performing threat modeling and assessment       Attackers and assets     Attack surface     Attack trees     Establishsing a security policy Developing secure embedded software     Secure coding principles     Secure program design     Minimal Implementation     Component architecture     Least privilege     Secure development process     Independent expert validation     Model-driven design     Code review and static analysis     Security testing     Peer code reviews Understanding and implementing cryptography     Cryptographic modes     Cryptographic hashes     Cryptographic certifications     Managing keys     Block ciphers     Message Authentication Codes     Random Number Generation Data protection     Data-in-motion protocols     Securing data in motion     Data-at-rest protocols     Securing data at rest Mitigating attacks     Common software attacks     Preventing side-channel attacks Retrofitting security in existing projects     Securing bootloaders and firmware updates Closing remarks


课程日期价格【远程 / 传统课堂】
The Secure Coding Landscape - 香港 - 中環中心星期一, 2017-10-09 09:30¥21420 / ¥31420
The Secure Coding Landscape - 北京 - 创而新大厦星期一, 2017-10-09 09:30¥21420 / ¥25420


Secure Code,培训,课程,培训课程, Secure Code教程,Secure Code老师,一对一Secure Code课程,Secure Code培训师,Secure Code晚上培训,Secure Code周末培训,学Secure Code班,小组Secure Code课程,短期Secure Code培训,Secure Code辅导班,企业Secure Code培训,Secure Code远程教育,Secure Code私教,Secure Code课程,学习Secure Code ,Secure Code训练,Secure Codes辅导