Cybersecurity for Software Development: Secure Coding Practices (Learn secure coding techniques to build resilient and secure software applications)

Inter-company training

Who is the training for?

All

Level reached

Beginner

Duration

2,00 day(s)

Language(s) of service

EN FR

Next session

19.06.2024
Location
Luxembourg

Price

1350,00€

Prerequisites

None

Goals

a) Educate participants about the importance of secure coding practices in software development.
b) Provide insights into industry best practices for secure coding, with a focus on FOSS (Free and Open Source Software), privacy by design, and vulnerability analysis.
c) Explore real-world examples from the industry to highlight the impact of insecure coding practices and effective mitigation strategies.
d) Equip participants with practical techniques and tools to implement secure coding practices in their software development projects.
e) Address participant questions and concerns related to secure coding practices and vulnerabilities in software.

Contents

Module 1: Introduction to Secure Coding Practices

  • Overview of secure coding and its significance in developing robust and secure software
  • Understanding the implications of insecure coding practices on data privacy and cybersecurity
  • Exploring the benefits of incorporating security from the early stages of software development

Module 2: FOSS and Secure Coding

  • Understanding the advantages of utilizing FOSS for secure software development
  • Exploring popular FOSS libraries, frameworks, and tools for secure coding
  • Addressing potential security risks and best practices when using FOSS components

Module 3: Privacy by Design in Software Development

  • Introduction to privacy by design principles and their role in secure coding
  • Understanding how privacy considerations impact software architecture and functionality
  • Incorporating privacy-enhancing techniques in software design and development

Module 4: Vulnerability Analysis and Secure Code Review

  • Techniques for identifying vulnerabilities through code analysis and review
  • Introduction to static code analysis tools and their role in identifying security flaws
  • Conducting security testing and penetration testing to identify vulnerabilities

Module 5: Case Study 1: Heartbleed OpenSSL Vulnerability

  • Analyzing the impact of the Heartbleed vulnerability on OpenSSL
  • Understanding the root causes and consequences of this widely known security incident
  • Extracting lessons learned and preventive measures for secure coding

Module 6: Case Study 2: Facebook's Privacy Breaches

  • Examining privacy breaches at Facebook and their implications on user data
  • Understanding the consequences of insufficient security measures in software development
  • Extracting insights and best practices for privacy-focused secure coding

Module 7: Secure Input Validation and Output Encoding

  • Techniques for proper input validation to prevent common security vulnerabilities
  • Implementing output encoding techniques to protect against injection attacks
  • Addressing common coding pitfalls related to input validation and output encoding

Module 8: Secure Authentication and Access Control

  • Best practices for secure authentication mechanisms and password management
  • Implementing strong access control mechanisms to protect sensitive resources
  • Addressing common authentication and access control vulnerabilities

Module 9: Secure Error Handling and Logging

  • Techniques for secure error handling to avoid information leakage
  • Implementing secure logging practices to detect and investigate security incidents
  • Addressing common error handling and logging vulnerabilities

Points covered

a) Importance of secure coding practices in software development.
b) FOSS and its role in secure coding.
c) Privacy by design principles and their application in software development.
d) Vulnerability analysis and secure code review techniques.
e) Real-world case studies highlighting the impact of insecure coding practices.
f) Techniques for secure input validation, output encoding, authentication, and access control
g) Secure error handling and logging practices.

Teaching methods

Methodology based on Active Learning: 50% minimum practice. Each theoretical point is systematically followed by examples and exercises.

Evaluation

Continuous evaluation and monitoring

Certificate, diploma

Certificate of participation

Next session

Datum
City
Language and price
19.06.2024

20.06.2024
Luxembourg
EN 1350,00€
19.06.2024

20.06.2024
Online
EN 1350,00€
17.07.2024

18.07.2024
Online
EN 1350,00€
17.07.2024

18.07.2024
Luxembourg
EN 1350,00€
21.08.2024

22.08.2024
Luxembourg
EN 1350,00€
21.08.2024

22.08.2024
Online
EN 1350,00€
18.09.2024

19.09.2024
Online
EN 1350,00€
18.09.2024

19.09.2024
Luxembourg
EN 1350,00€
16.10.2024

17.10.2024
Luxembourg
EN 1350,00€
16.10.2024

17.10.2024
Online
EN 1350,00€
20.11.2024

21.11.2024
Online
EN 1350,00€
20.11.2024

21.11.2024
Luxembourg
EN 1350,00€
18.12.2024

19.12.2024
Luxembourg
EN 1350,00€
18.12.2024

19.12.2024
Online
EN 1350,00€

These courses might interest you