SANS Software Security Institute
SANS Software Security Institute
Home > Courses

Software Security Courses

Choose a subject from the menu above.

Web Applications

  • Web Application Pen Testing Hands-On Immersion : Developer 538

    In the first half of 2008, five million Web sites were compromised by automated SQL injection attacks. The hackers' goal was to inject links to malicious content in order to infect the users of the Web application. These automated attacks do not show any sign of stopping and will likely visit your Web applications in the near future. ... >>more

  • Web App Penetration Testing and Ethical Hacking : Security 542

    Assess Your Web Apps in Depth Web applications are a major point of vulnerability in organizations today. Web app holes have resulted in the theft of millions of credit cards, major financial and reputational damage for hundreds of enterprises, and even the compromise of thousands of browsing machines that visited Web sites altered by attackers.... >>more

  • Intro to Web Application Security : Developer 319

    From a mere 26 Web servers operating in November 1992 growing to well over 100 million Web sites today, we have come a long way in Web technology over a short period of time. Today, almost every organization has its own Web site for conducting business transactions or other critical functions. And for many companies, their online presence has... >>more

  • Defending Web Applications Security Essentials : Developer 422

    Defending Web Application Security Essentials is a four-day, hands-on, action-packed course covering the defensive strategies for Web applications against current and future attacks. This course will help you understand the fundamental reasons behind the Web vulnerabilities which will then enable you to properly defend your organization's Web... >>more

  • Secure Code Review for Java Web Apps : Developer 534

    All software development projects produce at least one artifact - CODE! Conducting security focused code reviews can be one of the most effective methods of finding severe application vulnerabilities and is becoming an integral part of many secure software development processes. This course focuses on web application vulnerabilities and shows you... >>more

Secure Coding

  • Secure Coding in Java/JEE: Developing Defensible Applications : Developer 541

    The Difference between Good and Great Programmers Great programmers have traditionally distinguished themselves by the elegance, effectiveness, and reliability of their code. That's still true, but elegance, effectiveness, and reliability have now been joined by security. Major financial institutions and government agencies have informed... >>more

  • Secure Coding for PCI Compliance : Developer 536

    The audit procedure documents for PCI 1.2 tell the auditor that they should look for evidence that web application programmers in a PCI environment have had "training for secure coding techniques." The problem that many business are facing, however, is, "What is that and where can I get it?" This course packs a thorough explanation and... >>more

  • Secure Coding in .NET: Developing Defensible Applications : Developer 544

    ASP.NET and the .NET framework have provided web developers with tools that allow them an unprecedented degree of flexibility and productivity. On the other hand, these sophisticated tools make it easier than ever to miss the little details that allow security vulnerabilities to creep into an application. Since ASP.NET, 2.0 Microsoft has done a... >>more

  • Secure Coding in PHP: Developing Defensible Applications : Developer 545

    This course targets PHP programmers interested in learning more about how to code in PHP securely. It does require a good understanding of PHP and some experience writing PHP code. The code targets both beginning and advanced PHP programmers, but it is not appropriate for those who have not written any PHP code yet. We will not cover how to... >>more

  • Secure Coding in C: Developing Defensible Applications : Developer 548

    Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is... >>more

Audit

  • Java Quality Assurance, Security Testing and Auditing : Audit 428

    This course is designed to fully equip the auditor, risk manager, or security professional tasked to audit Java/J2EE Web-based applications for security vulnerabilities. This is not a developer course, but some basic familiarity with programming will be a great help. This course is the perfect opportunity for a non-programmer to receive a... >>more

All Courses

  • Web Application Pen Testing Hands-On Immersion : Developer 538

    In the first half of 2008, five million Web sites were compromised by automated SQL injection attacks. The hackers' goal was to inject links to malicious content in order to infect the users of the Web application. These automated attacks do not show any sign of stopping and will likely visit your Web applications in the near future. ... >>more

  • Web App Penetration Testing and Ethical Hacking : Security 542

    Assess Your Web Apps in Depth Web applications are a major point of vulnerability in organizations today. Web app holes have resulted in the theft of millions of credit cards, major financial and reputational damage for hundreds of enterprises, and even the compromise of thousands of browsing machines that visited Web sites altered by attackers.... >>more

  • Intro to Web Application Security : Developer 319

    From a mere 26 Web servers operating in November 1992 growing to well over 100 million Web sites today, we have come a long way in Web technology over a short period of time. Today, almost every organization has its own Web site for conducting business transactions or other critical functions. And for many companies, their online presence has... >>more

  • Defending Web Applications Security Essentials : Developer 422

    Defending Web Application Security Essentials is a four-day, hands-on, action-packed course covering the defensive strategies for Web applications against current and future attacks. This course will help you understand the fundamental reasons behind the Web vulnerabilities which will then enable you to properly defend your organization's Web... >>more

  • Secure Code Review for Java Web Apps : Developer 534

    All software development projects produce at least one artifact - CODE! Conducting security focused code reviews can be one of the most effective methods of finding severe application vulnerabilities and is becoming an integral part of many secure software development processes. This course focuses on web application vulnerabilities and shows you... >>more

  • Secure Coding in Java/JEE: Developing Defensible Applications : Developer 541

    The Difference between Good and Great Programmers Great programmers have traditionally distinguished themselves by the elegance, effectiveness, and reliability of their code. That's still true, but elegance, effectiveness, and reliability have now been joined by security. Major financial institutions and government agencies have informed... >>more

  • Secure Coding for PCI Compliance : Developer 536

    The audit procedure documents for PCI 1.2 tell the auditor that they should look for evidence that web application programmers in a PCI environment have had "training for secure coding techniques." The problem that many business are facing, however, is, "What is that and where can I get it?" This course packs a thorough explanation and... >>more

  • Secure Coding in .NET: Developing Defensible Applications : Developer 544

    ASP.NET and the .NET framework have provided web developers with tools that allow them an unprecedented degree of flexibility and productivity. On the other hand, these sophisticated tools make it easier than ever to miss the little details that allow security vulnerabilities to creep into an application. Since ASP.NET, 2.0 Microsoft has done a... >>more

  • Secure Coding in PHP: Developing Defensible Applications : Developer 545

    This course targets PHP programmers interested in learning more about how to code in PHP securely. It does require a good understanding of PHP and some experience writing PHP code. The code targets both beginning and advanced PHP programmers, but it is not appropriate for those who have not written any PHP code yet. We will not cover how to... >>more

  • Secure Coding in C: Developing Defensible Applications : Developer 548

    Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in C and C++ programming. This course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is... >>more

  • Java Quality Assurance, Security Testing and Auditing : Audit 428

    This course is designed to fully equip the auditor, risk manager, or security professional tasked to audit Java/J2EE Web-based applications for security vulnerabilities. This is not a developer course, but some basic familiarity with programming will be a great help. This course is the perfect opportunity for a non-programmer to receive a... >>more

Management

Coming Soon

Compliance

Coming Soon