Certified Secured .NET Developer (CSDD)

About The Course

The course will present security guidelines and considerations in .NET applications development. The participants will learn the basics of application security, how to enforce security on a .NET application, using .NET crypto API and other security related issues. In addition, the course presents an overview of .NET's Security Framework, including authentication and authorization implementation.

Objectives of the course

Upon completion of this course, participants will be able to:

  • Understand the need for security
  • Understand the security threats
  • Implement code security best practices
  • Implement role based security
  • Improve security of ASP.NET Applications

Who should attend this course?

  • .NET developers wishing to improve their security skills

Table of Contents

Session 1: Introduction
Session 2: Threat Modeling
Session 3: Understanding Testing Setup
Session 4: Web Application Attacks & Countermeasures
Session 5: Web Application Scanners
Session 6: DOT NET Specific Countermeasures
Session 7: Web Server Security Best Practices (IIS)
Session 8: Database Security Best Practices (MS SQL Server)
Session 9: Secure Development Lifecycle
Session 10: Testing Web Services
Session 11: Source Code Analysis

Previous TrainingCWASP
Next TrainingCSJD
Swetha Narayan (Senior Software Engineer)

Prompt in his teachings with adequate knowledge in the areas of Secure Coding.

Abhineet Gosain (Sr. software Engineer)

Good work.

Ganesh Palani

Session was good. Vaibhav was able to show the scenarios in detail with various examples.

Satosh Kumar Mishra (QA)

Presentation is helpful in understanding

V. Venkatesh (Lead SSF)

Session was good. Vaibhav was able to explain the topics in depth and in simple terms.

JeyaKumar N. (Lead DB Engineer)

Training is extremely helpful in identifying injection issues across Web application and underlying databases.

Binu K (Senior Engineering Manager)

Vaibhav has lots of knowledge in OWASP-10 vulnerabilities, was going in depth for few vulnerabilities like SQL injection, XSS, CSRF, etc.

Dilip Janakeeram (QA Engineer)

Training topics covered was interesting and was able to corelate with own daily work.

Avalur Muthya (QA Engineer)

The trainer was very good, but the class would be more interactive.

Pooja Shetty (Senior QA Engineer)

Training was very much informative. Trainer had good knowledge on the area, he was able to answer/explain to use effectively.

Eknath Parkhe, Software Developer, GCO

Training is good. Mahesh take us deep into vulnerabilities like SQL injection. Cross site scripting, Direct data object etc.

Makarand Gharat, Operation Manager, GCO

Training is really good and Mahesh is very knowledgeable. We got very useful information and we will implement this knowledge in our application.

Prasad Thakur, Team Manager, GCO

Excellent knowledge and ability to store the same. Interacting session with all queries answered with detailing.

Sachidanand B Gaikwad, DBA, GCO

Training is very informative. Mahesh explained things very well. Material information provided by him is very useful. Will help to take security measurement in our application.

Register for a training