Community developer events

Writing Secure Code in .NET

Date
14-16 May 2007 (Add to calendar) GMT
Venue
JB International , London, GB
Cost
£1200+VAT

Writing Secure Code in .NET Training Course Outline

Security Overview

The Need for Secure Systems
Trustworthy Computing
Proactive Security Development
SD 3 : Secure by Design, by Default, and in Deployment
Security Principles
Threat Modelling

Security Techniques

Preventing Buffer Overruns
Determining Appropriate Access Control
Running with Least Privilege
Cryptographic Techniques
Protecting Secret Data
Guarding against Input
Canonical Representation Issues
Database Input Issues
Web-Specific Input Issues
Internationalization Issues
Socket Security
Securing RPC, ActiveX Controls, and DCOM
Protecting Against Denial of Service Attacks


Writing Secure .NET Code

Code Access Security Overview
Using FxCop
Strong-Named Assemblies
Specifying Assembly Permission Requirements
Use of Assert
Demands and Link Demands
Limiting Who Uses Your Code
XML and Configuration Files
Partial Trust Assemblies
Issues with Delegates
Issues with Serialization
The Role of Isolated Storage
Tracing and Debugging
General Good Practices


Security Testing

The Role of the Security Tester
Building Security Test Plans from a Threat Model
Testing Clients with Rogue Servers
Determining Attack Surface
Performing a Security Code Review


Secure Software Installation

Principle of Least Privilege
Using the Security Configuration Editor
Low-Level Security APIs



Building Privacy into Your Application

Malicious vs. Annoying Invasions of Privacy
Major Privacy Legislation
Privacy vs. Security
Building a Privacy Infrastructure
Designing Privacy-Aware Applications

 

Writing Security Documentation and Error Messages

Security Issues in Documentation
Security Issues in Error Messages
Information Disclosure Issues
Security Usability


Developers Security Checklist

Comments

  1. 01 Jan 1999 at 00:00

    This thread is for discussions of Writing Secure Code in .NET.

Leave a comment

Sign in or Join us (it's free).

Map

Other nearby events

  • Feb 26

    PHP UK Conference 2010

    7km away in London

    PHP UK Conference 2010 is PHP London's fifth annual conference.

  • Feb 17

    Talk on Flex integration with Spring using BlazeDS at the Adobe RIA meetup on Feb 17th

    8km away in London

    The talk is on Flex & Spring integration with Spring BlazeDS In this free tech talk at the Adobe RIA user group, Rick Evans will introduce Spring BlazeDS Integration. Spring BlazeDS Integration is a Spring Portfolio project that makes it easier to build Rich Internet Applications for the enterprise using Flex and Spring.

  • Mar 13

    Pub Standards 100

    8km away in London

    Celebrate the 100th Pub Standards!Special Event!Bring your mother!Take a day off work!Put the date in your Filofax NOW!

  • Feb 11

    London Geek Nights: Hydras and Hypermedia

    8km away in London, United Kingdom

    Let Ian Robinson, REST Guru, be your dungeon master! Do you know what your enterprise apps get up to in their time off? Fighting fantasy, pick-your-path, hypermedia-driven, RESTful Web application adventures--of course.

  • Mar 2

    London Geek Nights: Agile System Adminstration

    8km away in London, United Kingdom

    This is part of the Agile Sysadmin events. Agenda TBC but likely to be focussing on how admins should be part of the development team.

Related podcasts

Want to stay in touch with what's going on? Follow us on twitter!