Csce
rootcon.JPG

Spectramind is Sponcering partner for the conference

CSCE: Secure Coding Principles and Practices (Certification)
[ 4 days ]

Course Description
Software security is big concern for organizations today. More and more attacks are being directed towards software applications and understanding these attacks and how to design software to protect against these attacks is becoming more of a necessity. This course seeks to provide a foundation for those professionals who are responsible for designing, architecting, coding and testing software solutions through a series of lectures and hands on labs.
BENEFITS OF THIS COURSE:
This 4-day course delivers a strong and in-depth view into fundamentals of software security and secure coding. Through a mixture of instructor-led lectures and hands on exercises, students will have learn how to identify security flaws early in the development process and how design and code to eliminate these flaws. All examples and lessons are presented in a variety of high level and scripting languages

Prerequisites
Mandatory
basic knowledge of a high level language such as C, Java, Perl, PHP and C#
Knowledge of information security principles
Understanding of network protocols
Completion of CPTC & CPTE or equivalent knowledge
Course Completion Skills:
Students will have a sound understanding of common vulnerabilities found in today's software and how to defend against them. Students will gain knowledge in creating secure designs and code and how to apply this knowledge to their daily tasks.
Module 1 Software Security Explained
In order for students to understand how to write secure software, they must understand what software security is. In module 1, students will gain a deep understanding of key security concepts and issues in with securing software.
Definition of Software Security
Understanding Software Security
Foundation of Security
Challenges With Security
The Rise of Insecure Software
Software Security Methodology
The Teams ‘s Roles and Responsibilities
Developer's Role and Responsibilities
Common Vulnerabilities
Staying Informed
Module 2 Setting the Stage The Attack
Protecting your system means knowing your attacker. This module covers the process that attackers follow when targeting and attacking systems. Students get an introduction to the penetration testing process, how to use these techniques to test their software and a variety of tools used during the process.
Learning Attack Methods
Developer's Point of View
Know the Attacker
Methodology of Penetration Testing
Reconnaissance
Methods of Obtaining Information
Passive vs. Active Reconnaissance
Footprinting Defined
Footprinting Countermeasures
Enumeration
Introduction to Port Scanning
Case Study and Lab
Module 3 Risk Management
If you know what the risks are, how do you track them? Risk management is a key concept needed to identify and track risks throughout the development process to ensure that risks are captured and mitigated appropriately.
Important Terms
The Importance of Risk Management
When Should it Start
The Risk Management Process
Risk Analysis
Report Your findings
Case Study and Lab
Module 4 Threat Modeling
How do you identify weak points in your software? This module covers a framework that can be used to identify various attack vectors in software designs and how to use this information to secure your system.
Threat Modeling Defined
The Threat Modeling Process
Threat Methodologies
How to Respond to Threats
Mitigating Threats
Case Study and Lab
Module 5 Secure SDLC
To consistently write secure software, the process of building software must incorporate security. This module covers the process of designing and building secure software and the problems with traditional methods.
Secure SDLC Overview
A Secure Process
Manager's Point of view
Developer's Point of View
Why Change?
Consumer Expectations
Business Responsibility
Phases of The Development Lifecycle
Case Study and Lab
Module 6 Secure Architecture and Design
Secure code starts with a secure design. Module 6 focuses on the process of designing software with security built in and the benefits of this method versus the traditional method of adding security during or after the code has been written.
Design It Secure
Design Considerations
The SD3 Framework
Understanding the Environment
Technical Issue
Security in Layers
Attacks
Buy vs. Build
Filters
Case Study and Lab
Module 7 Writing Secure Code
Module 7 covers the key concepts students need to write secure code. Students will learn how to build validation and logging frameworks to prevent the most common attacks, log potential intrusion attempts and audit user and system activity. Students will also learn how to perform code reviews.
Data Validation
Defending the Attack
Error and Exception Handling
Logging and Auditing
Authentication
Web Authentication Methods
Authorization
Security Code Reviews
Case Study and Lab
Module 8 Cryptography
Developers must understand the different encryption options available and when to choose one method over another. This module will provide students with a thorough understanding of encryptions methods, what criteria should be used when deciding to use an encryption method and the pros and cons of each.
Cryptography Introduction
Encryption
Implementation.
Symmetric Encryption
Symmetric Algorithms
Asymmetric Encryption
Key Exchange
Hashing
Hash Collisions
Common Hash Algorithms
Hybrid Encryption
Digital Signatures
SSL Hybrid Encryption
IPSEC
Transport Layer Security - SSH
PKI
Public Key Infrastructure Models
PKI-Enabled Applications
Quantum Cryptography
Attack Vectors
Case Study & Lab
Module 9 Attacking the Database
The reason why most software applications exist is to gather, process and store some type of data. Module 10 gives the student insight into how databases are attacked. Students get a low level view of specific database attacks and the tools and methods during these attacks.
Overview of Database Servers
Types of Databases
Tables, Records, Attributes, Domains
Data Normalization, SQL , Object-Oriented Database Management
Relational Database Systems
Vulnerabilities and Common Attacks
Extended Stored Procedures
Shutting Down SQL Server
Direct Attacks
Attacking Database Servers
Obtaining Sensitive Information
Hardening Databases
Module 10 Attacking the Web
With so many software applications moving to the Internet, web applications have become one of the most attacked surfaces in the software space. Module 9 gives students the opportunity learn about the different attacks used against web technologies and how to protect their systems.
Common Security Threats
Sans Seven Management Errors
Progression of The Professional Hacker
Anatomy of A web application attack
Web Attack Techniques
Components of a generic web application system
URL mappings to the web application system
Pen Testing tools and methodologies for Web Servers assessment
Understanding Web Application Security
Common Web Application Security Vulnerabilities
Authentication And Session Management
Password Guessing/Cracking Tools
Case Study and Lab

*Every effort is made to ensure the accuracy of our outlines as course information from our suppliers changes with each new revision. As a result this outline is subject to change without prior notice.

Registration Details

Course Fee:
Single Nomination:
USD 400/- OR INR 18000/-

Avail Special Discounts Avail Special Discounts Avail Special Discounts Avail Special Discounts
5% Discount for Early Bird Registrations (15 Days in advance to the program date) 5% Discount on Task force of 4 to 7 10% Discount on task Force of 8 and above 10% discount applicable to /SANS/ GIAC/CSWE/CDFE/CIHE/CISSP/CISA/ Qualified Professionals, Mile2/BA/PMI /SEG /CII/SPIN /CSI and NASSCOM Members

NOTE: Only one discount option is applicable at any time++ Course Dates, Venue & Timings:

Sl.No. State City Batch1-Date Batch1-Date Batch2-Date Batch2-Date Batch3-Date Batch3-Date Batch4-Date Batch4-Date Venue Contact
01 AP Hyderabad - - 23-Apr'11 27-Apr'11 7-may'11 11-may'12 4-Jun’12 8-Jun’12 Ameerpet/Hightechcity Jason-91-40-64568797
02 Delhi Delhi/Gurgaon/Noida - - 28-Apr'12 29-Apr'12 26-May’12 27-May’12 23-Jun’12 24-Jun’12 Nehru place / Noida sector 6 Arun : 9810 328046
03 Karnataka Bangalore - - 5-May’12 6-May’12 26-MAY’12 27-May’12 2-June'12 3-June'12 DBS House 26, Cunningham Road ,Opp Indian Express Building, Bangalore - 560 052 Sundar Raj
04 Maharashtra Mumbai - - 21-Apr’12 22-Apr’12 19-May’12 20-May’12 16-Jun’12 17-Jun’12 DBS Heritage,Prescot Road,Opp. Cathedral Sr. School,Fort, Mumbai 400001. DBS Heritage (From Airport instruct the car / cab driver to drive to Fort, Fashion Street. It’s near Siddharth College, Budha Bhavan. Also there are schools like J. P. Pettit School & Cathedral Sr. School Mr.Vasudev
05 Maharashtra Pune 19-May'12 20-May'12 - - - - 30-Jun'12 1-Jul'12 Level-5, Tech Park-1, Airport Road, Yerwada, Pune - 411 006, India Mr.Manish
06 Tamilnadu Chennai - - 14-Apr'12 15-Apr'12 12-MAY'12 13-MAY'12 9-Jun’12 10-Jun’12 DBS House 31A, Cathedral Garden Rd ,Between Hotel Palmgrove and Valluvarkottam Nugambakkam,Chennai - 600034 Mr.Solomon
07 Westbengal Kolkata - - 30-Apr'12 1-May'12 30-May'12 31-May'12 30-Jun'12 1-Jul'12 DBS House 10/2, Hungerford Street,Opp. Exit Gate of Saturday Club,Kolkata - 700017 Mr.Sandeep
08 Kerala Trivandrum - - 30-Apr'12 1-May'12 30-May'12 31-May'12 30-Jun'12 1-Jul'12 DBS center Mr.Manoj
09 Kerala Cochin - - 30-Apr'12 1-May'12 30-May'12 31-May'12 30-Jun'12 1-Jul'12 ThomasMount ,ICTA Building,Changampuzha Nagar P.O.,Cochin- 682 033 Mr.Manoj: 9995881093
10 Tamilnadu Coimbatore - - - - 30-May'12 31-May'12 30-Jun'12 1-Jul'12 DBS Center Mr.Balaji
11 Maharashtra NAGPUR - - - - 30-May'12 31-May'12 30-Jun'12 1-Jul'12 DBS House Mr.Yogesh -9890952752
12 Gujarat Ahmedabad 16-Apr'12 17-Apr'12 - - - - 30-Jun'12 1-Jul'12 Aakruti Complex,Nr. Stadium Cross Road, Navrangpura,Ahmedabad-380009, Gujarat, INDIA Mr.Alok
13 Africa Johannesburg 29-MAY'12 31-MAY'12 - - - - - - Johannesburg,Africa Mr.Kamanbedu
14 Brazil São Paulo 26-JUN'12 28-JUN'12 - - - - - - Rua Rosa e Silva, No. 137, Apt - 4,Santa Cecilia,São Paulo, Brazil. CEP - 01230-020 Mr.Abhishek Ph - (55) - (11) - 87154930
15 Philippines Manila 24-JUL'12 26-JUL'12 - - - - - - Makati ,Philippines Mr.Sandeep : (+63)-917-872-3931
16 Nepal Khatmandu 28-AUG'12 30-AUG'12 - - - - - - Khatmandu Mr.ARun
17 Republic of Mauritius mauritius 25-SEPT'12 27-SEPT'12 - - - - - - mauritius Mr.ARun
18 Srilanka Colombo 1-MAY'12 3-MAY'12 - - - - - - Colombo,Srilanka Ms.Buddhini
19 Canada Toronto 23-OCT'12 25-OCT'12 - - - - - - 203 Royal Appian Cres, Concord ON 14K513 Mrs.Vala Ph.4169391252
20 USA Boston 16-Apr'12 17-Apr'12 - - - - - - Boston,USA Mr.Gaurav
21 UK London 21-DEC'12 23-DEC'12 - - - - - - London,UK Mr. BV Rao -0044-7891461544
22 USA California 16-Apr'12 17-Apr'12 - - - - - - 12128 Skylark Rd Clarksburg MD 20871 California ,USA Mr.Prashanth Ph : 001 - 240-257-2624
23 Bangladesh Dhaka 27-NOV'12 29-NOV'12 - - - - - - Dhaka Mr.Arun
24 ARMENIA GEORGIA 8-MAY'12 10-MAY'12 - - - - - - TIBLISI,Armenia Mr.Abata
25 Honkong Honkong 27-NOV'12 29-NOV'12 - - - - - - Honkong Mr.Peter
25 SAUDIARABIA RIYADH 28-MAY'12 30-MAY'12 - - - - - - RIYADH Mr.Rasheed 96626860652

Kindly register for the courses in your cities at least 2 days in advance.
Timings: 0900 - 2100 hrs

Contact Details:

Mr. Vijay

Mobile: 0 94400 89341

Phone: 040-6456 8797

Register Online: moc.snoitulosdnimartceps|ofni#moc.snoitulosdnimartceps|ofni
Email: ni.oc.oohay|pmpaqscyajiv#ni.oc.oohay|pmpaqscyajiv

Yahoo chat : vijaycsqapmp
Google chat/Skype chat/AOL chat/ICQ chat : tiptopten2000
Hotmail/Live chat / Rediff chat : tiptopten

http://spectramindsolutions.com


Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License