Application Security Curriculum Overview

Software Developer and Architect Training

Based on years of application security consulting work, Aspect's courses are designed to help developers and architects focus on what really matters. Architects will learn the common security controls, patterns, and principles necessary to design secure applications. Developers will learn about common vulnerabilities and how to avoid them with simple common security controls. Hands-on programming examples and security testing exercises drive home all the key application security principles, vulnerabilities, countermeasures, and patterns. All of Aspect's software developer and architect courses qualify for PCI Data Security Standard (PCI DSS) compliance.

  • Building and Testing Secure Web Applications - 2 days with hands-on programming
    Taught to thousands of developers, testers, and architects, this course gives students hands-on experience with all the major security areas for web applications. Students will learn how to test their own applications and what to do to remediate problems.
  • Secure Coding for Java EE - 3 days with hands-on programming
    Although Java is billed as a secure language, Java EE applications have as many vulnerabilities as applications written in other languages. The Java edition of Secure Coding focuses on enabling Java EE developers and covers building secure applications with servlets, Struts, JSP, persistence layers, and more.
  • Secure Coding for ASP.NET - 3 days with hands-on testing & coding labs
    Microsoft has made secure coding a key part of their software development process. This course teaches the key best practices for securing and testing .NET web applications with hands-on programming exercises.
  • Secure Coding for C#.NET - 3 days with hands-on testing & coding labs
    Microsoft has made secure coding a key part of their software development process. This course teaches the key best practices for securing and testing .NET web applications with hands-on programming exercises.
  • Secure Coding for ColdFusion MX - 3 days with hands-on testing & coding labs
    ColdFusion applications can be difficult to secure. Developers will learn by actually securing a ColdFusion application against many of the most common vulnerabilities.
  • Secure Coding for Classic ASP - 3 days with hands-on testing & coding labs
    Many organizations have applications written in classic ASP. These applications don't have the same kind of security infrastructure available as modern environments. This course covers securing these applications with hands-on exercises to fix vulnerabilities.
  • Building Secure Web Services - 2 days with hands-on programming
    Securing web services takes a focus on the fundamentals like input validation, authentication, access control, error handling and logging, as well as an understanding of all the standards and mechanisms in this fast-moving area. This course teaches both with practical implementation and testing techniques.
  • Building Secure Ajax and Web 2.0 Applications - 2 days with hands-on programming
    Rich Internet applications using technologies like Ajax, Flash, ActiveX, and Java Applets require special attention to secure. This course addresses the special issues with this type of application development.
  • Security for Web Based Database Applications - 2 days with hands-on programming
    At the highest level, the objective for this course is to ensure that database developers are capable of designing, building, and testing secure database applications and understand why this is important. This course is not focused on any particular database technology, but the hands-on database coding labs are available in Oracle and SQL Server.

Software Tester and Quality Assurance Training

Aspect has performed penetration testing and security code review on thousands of applications. Our groundbreaking courses for software testers and quality assurance professionals will enable them to perform security verification of many security controls and identify many different types of vulnerabilities. Our hands-on testing and analysis environment provides a realistic environment for learning how to identify, diagnose, and evaluate application security risks.

  • Web Application Security Testing - 2 days with hands-on testing
    This class includes hands-on exercises where the students get to apply their knowledge on real vulnerabilities in an actual live web application. This specially designed environment includes deliberate flaws the students have to find and diagnose. Students gain hands-on testing experience with freely available web application security test tools to find and diagnose flaws and learn to identify them in their own projects.
  • Advanced Web Application Security Testing - 2 days with hands-on advanced tools
    Integrating security into software testing and QA activities is critical to achieving secure applications. With lots of hands-on exercises and group activities, this course covers creating, coordinating, and executing security testing as part of a software testing and QA process.

Leader and Manager Training

Software project leaders and managers need to understand application security risk and the activities they can use to execute, measure, track, and forecast application security on their project. Based on our successful work building application security into the software development process of organizations large and small, our leader and manager training course is designed to enable any team to start building demonstrably more secure applications right away.

  • Leading the Development of Secure Applications - 1 day
    Managing a project to create a secure application takes the right combination of activities, teams, and supporting technology. This engaging course leads you through a set of proven, practical activities that result in demonstrable security.

Questions?

For additional details about our training curriculum, pricing, or how we might be able to help with your application security training initiative, please send us a message.