Secure coding in practice - up1/training-courses GitHub Wiki

Course :: Secure coding in practice

Targets

  • Software developer
  • Software architect

Outline

  • Introduction to Secure Coding
  • OWASP Methodologies And Standards
  • Secure Coding Practice Guidelines
  • Top application vulnerabilities
    • Injection
    • Broken authentication and session management
    • Cross-site scripting (XSS)
    • Insecure design
    • Security misconfiguration
    • Outdated components
    • Identification and authentication failures
    • Logging and monitoring failures
  • OWASP Top 10
    • Web Application Security
    • Web API Security
    • Mobile Application Security
  • Secure Checklist and workshop
    • Input and Output Validation
    • Output Encoding
    • Authentication And Password Management
    • Secure Handling Of Credentials
    • Session Management
    • Access Control
    • Cryptographic Practices
    • Error Handling And Logging
    • Data Protection
    • Communication Security
    • File Management
    • Memory Management
  • Continuous Integration with Security
    • Static Application Security Testing (SAST)
    • Software Composition Analysis (SCA)
    • Dynamic Application Security Testing (DAST)

Reference Websites