Application Security and Development (STIG)

    

Summary:
This lab-intensive, hands-on application security training course essential for developers, designers, architects, QA, Testing, and other personnel who need to deliver secure applications within the DoD. In addition to teaching basic programming skills, this course digs deep into sound processes and practices that apply to the entire software development lifecycle. In this course, students thoroughly examine best practices for defensively coding applications, including XML processing and web services. Students will repeatedly attack and then defend various assets associated with a fully-functional application. This hands-on approach drives home the mechanics of how to secure applications in the most practical of terms.

Duration:
4 Days/Lecture & Lab

Audience:
This is an intermediate -level programming course, designed for developers who wish to get up and running on developing well defended software applications. This course may be customized to suit your team's unique objectives.

Topics:

• Foundation
• Top Security Vulnerabilities
• Additional Measures
• Defending XML Processing
• Secure Software Development (SSD)
• Application Development
• Application Security and Development Checklist

Prerequisites:
Familiarity with a programming language is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of working knowledge.

Last Update: May 20, 2012