Consulting Training Blog Careers About Us Contact Us
All Classes Will Be Held Virtually – Live Online Intertech's Training Division has been successfully instructing professionals through virtual live online training since the advent of the smartboard. It is a proven form and offers the convenience of live questions, group interaction, and labs with an instructor looking over your shoulder. Because of this, we will continue all classes live but virtually, including Agile and Scrum instruction, so businesses and individual’s seeking professional development can keep moving forward during these unexpected times.

Securing .NET Applications Training

Upcoming Classes

Click the Get Notified button for priority notification when a class is next scheduled.

Get Notified

On Site/Private

Can't find a class that fits right for you? Contact us to inquire about scheduling your own private class

Contact Us

Description

When creating .NET applications for the web, mobile, or desktop, developers must design and use the best practices for security with the same emphasis as used with maintainability, usability, and performance. Like a chain, software is only as strong as its weakest link. No software can or should ever be considered 100% secure but it can always be made more secure. Today, as security experts discover and report the latest most common attacks to educate the industry, hackers are also learning about them and developing tools to use them for ill-gotten gains against our hardware and software.

This three-day .NET security course teaches .NET developers how to design and develop their code to prevent attacks from today’s most common exploits used by hackers. This course covers the most common versions of .NET including the .NET framework, .NET Standard, and .NET Core. With these frameworks, it covers creating ASP.NET web applications, class libraries, desktop applications, mobile applications, Web/REST services, and single pages applications (SPAs).

This course teaches developers how to write .NET software that defends against the latest threats outlined in OWASP’s top 10 threats and CWE/SANS top 25 most dangerous software errors. It also covers all the current PCI DSS 3.2.1 6.x standard requirements.

Bring This Course To You

For groups of 5 or more, let Intertech bring this course to your location. Customized versions tailored towards your objectives are also available.

Learn More

Course Outline

Cyber Security

  • Think like a hacker
  • Client side vs. Server side
  • Red Team and Blue Team
  • Limit your attack surface
  • Internal and External security
  • Authentication and Authorization
  • Securing privileged access - Client to Database
  • Where's the source code stored?
  • OWASP Top Ten List
  • Get a Certified Ethical Hacker (CEH)
  • Stay current!

Securing .NET

  • Cryptography - Symmetric, Asymmetric, and hashing
  • Signing
  • Debug, Release, Custom
  • Reversing
  • Borrowing and stealing software
  • Reflection tools
  • Linting tools
  • Obfuscation
  • ngen.exe

Securing ASP.NET - Server Side

  • Web Forms vs. MVC
  • Overposting
  • When to Encode
  • Validating user data
  • Sanitizing user data
  • Only expose what you need to expose
  • ASP.NET Security configuration

Securing ASP.NET - Client-Side

  • Validation
  • Forms of Cross-Site Scripting (XSS)
  • Microsoft Anti-XSS Library
  • Cross-Site Request Forgery (CSRF)

Securing Web API REST and Web Services

  • Publishing end points

Free Resources from Intertech

2 Free Resources: Missed Issues in Software Estimation and Stakeholder Questionnaire

Free eBook: .NET Architecture and Design

Free eBook: .NET

X