Secure Development Training
GDS offers advanced security training courses designed to teach techniques for testing application security and building secure applications. Classes cover application security fundamentals and common security development pitfalls. All GDS training courses include live demonstrations, interactive examples, and quizzes to reinforce the concepts taught during the class. GDS primary training offerings are outlined below.
Secure Application Development
The GDS Secure Application Development course is a "code centric" class designed to teach application developers and architects the principles of secure application development. Available in Java, .NET, and general (not language specific) version, defensive application design and coding techniques are illustrated through hands on exercises and labs.
Custom Application Security Training
GDS offers customized training sessions following the completion of an application security assessment designed to debrief developers on the identified vulnerabilities and to share recommendations on how to mitigate or eliminate the security exposures.
Sample Course Outline
Application Developers and Managers
This "code centric" class is intended to teach application developers and architects the principles of secure application development and best practice defensive coding techniques. Common application vulnerabilities and weaknesses are explained along with techniques for avoiding and/or mitigating the issues.
The following is a sample outline that includes the examples of the core topics covered in this class:
- Critical Application Security Concepts
- Input Validation & Encoding
- Authentication, Authorization & Session Management
- Encryption, Confidentiality & Data Protection
- Data Access
- Error Handling & Logging
- Server Configuration & Code Management
- Application Threat Modeling