Call Us: +32 2 466 00 16
Email: info@u2u.be

Web Security Development Techniques

2 days
uec4

Upcoming Sessions

Date: currently not scheduled

Format: Classroom

Price: 0€

Interested in a private company training? Request it here.

Security: a Many Pronged Word

Security. This word has many meanings, depending on how you look at things. For some people security means that others should not be able to see the data you are sending or storing. For others this means making sure you know who is using your system and determining what actions they can perform with it. Sometimes it means ensuring the data cannot be changed in transit. Here we will look at all the different meanings of security and discuss 10 rules you should always adhere to.

  • Non-disclosure
  • Authentication
  • Authorization
  • Data-tampering
  • Security testing is different
  • Applying STRIDE
  • The Ten Immutable Laws of Security

Privacy

How do you keep prying eyes away from your data? Encrypting data ensures that only the intended receiver of the data can understand it. So how does this work? We will look at symmetric keys versus asymmetric ones. We will also look at the most used encryption algorithms, what role certificates play and describe how TLS and HTTPS work.

  • What is Encryption?
  • Understanding symmetric keys
  • And what about asymmetric keys
  • Hybrid encryption
  • Hashing
  • Properly store passwords with hashing and salt
  • What are digital signatures?
  • Certificates, SSL, TLS and HTTPS
  • LAB: Encryption

OWASP Top 10 - Web Security Threats and Defences

To better protect yourself against attacks, you should first learn what kind of attacks are common. Once you understand these attacks we can look at defending against them.

  • OWASP - Top 10 security issues
  • Broken Access Control
  • Cryptographic Failures
  • Injection
  • Insecure Design
  • Security Misconfiguration
  • Vulnerable and Outdated Components
  • Identification and Authentication Failures
  • Software and Data Integrity Failures
  • Security Logging and Monitoring Failures
  • Server-Side Request Forgery
  • Extra: Denial of Service

Security best practices

How can I make my application more secure? Start by applying security best practices! Simply applying these security best practices will prevent many common exploits.

  • Never trust input
  • Always properly encode output
  • Apply good access control
  • Run with least privilege
  • Securely store secrets (or better yet, do not store them)
  • Don't tell the hacker anything
  • Allow long passwords/passphrases
  • Default to secure configuration
  • Generate good random numbers
  • LAB: Finding vulnerabilities in a webshop

Cyber security is becoming an increasingly important topic for organizations. The quantity and importance of data entrusted to web applications is growing, and defenders need to learn how to secure them. As a modern web developer, mastering these skills is important because you cannot afford not to!

This course is meant for developers who have experience with ASP.NET MVC or ASP.NET Core and want to make the world a safer place through applied security best practices.

Contact Us
  • Address:
    U2U nv/sa
    Z.1. Researchpark 110
    1731 Zellik (Brussels)
    BELGIUM
  • Phone: +32 2 466 00 16
  • Email: info@u2u.be
  • Monday - Friday: 9:00 - 17:00
    Saturday - Sunday: Closed
© 2022 U2U All rights reserved.