Introduction to Secure Coding for Web Developers

50 Ratings

Course Number: SEC-100

Duration: 1 day (6.5 hours)

Format: Live, hands-on

Secure Coding Training Overview

In this one-day, intensive introduction to web application security, developers directly explore common code vulnerabilities and how to mitigate them. The class is full of “uh, oh” moments when developers dramatically see the consequences of failing to write secure code, followed by the “ah, ha” satisfaction of correcting their code to make the vulnerabilities disappear.

Location and Pricing

Accelebrate offers instructor-led enterprise training for groups of 3 or more online or at your site. Most Accelebrate classes can be flexibly scheduled for your group, including delivery in half-day segments across a week or set of weeks. To receive a customized proposal and price quote for private corporate training on-site or online, please contact us.

Objectives

  • Validate data to defend against injection and other attacks
  • Prevent Cross-Site Scripting (XSS) vulnerabilities
  • Gain a deep understanding of SQL injection attacks and how to defend against them

Prerequisites

Prior experience with HTML, CSS, JavaScript, and SQL is presumed.

Outline

Expand All | Collapse All

Introduction
Data Validation
  • Understand the Business Logic for the Data You Accept 
  • Limit the Amount of Data You Are Willing to Accept
  • Use a Whitelist to Sanitize Incoming Data
  • Properly Handle Exceptions
  • Reminder: The User Interface Can Always be Bypassed
  • Working With Encoded Data
  • Data Validation Checklist
Cross-Site Scripting (XSS)
  • Reflected Cross-Site Scripting
  • What an Attacker Can Accomplish
  • Persistent Cross-Site Scripting
  • Preventing Cross-Site Scripting Vulnerabilities
  • Testing for Cross-Site Scripting Vulnerabilities
  • Cross-Site Scripting Prevention Checklist
SQL Injection (SQLI)
  • Exploiting a SQL Injection Vulnerability
  • Blind SQL Injection Attacks
  • Union-Based SQL Injection Attacks
  • Second Order SQL Injection Vulnerabilities
  • Direct Database Attacks
  • Preventing SQL Injection Vulnerabilities
  • Making Attacks More Difficult
  • Identifying Existing Vulnerabilities in Your Code
Conclusion

Training Materials:

This coding class includes electronic courseware and code examples.

Software Requirements:

  • Google Chrome and any other modern web browsers with which you would like to test
  • JavaScript IDE of your choice
  • Node.js installed
  • Related lab files


Learn faster

Our live, instructor-led lectures are far more effective than pre-recorded classes

Satisfaction guarantee

If your team is not 100% satisfied with your training, we do what's necessary to make it right

Learn online from anywhere

Whether you are at home or in the office, we make learning interactive and engaging

Multiple Payment Options

We accept check, ACH/EFT, major credit cards, and most purchase orders



Recent Training Locations

Alabama

Birmingham

Huntsville

Montgomery

Alaska

Anchorage

Arizona

Phoenix

Tucson

Arkansas

Fayetteville

Little Rock

California

Los Angeles

Oakland

Orange County

Sacramento

San Diego

San Francisco

San Jose

Colorado

Boulder

Colorado Springs

Denver

Connecticut

Hartford

DC

Washington

Florida

Fort Lauderdale

Jacksonville

Miami

Orlando

Tampa

Georgia

Atlanta

Augusta

Savannah

Hawaii

Honolulu

Idaho

Boise

Illinois

Chicago

Indiana

Indianapolis

Iowa

Cedar Rapids

Des Moines

Kansas

Wichita

Kentucky

Lexington

Louisville

Louisiana

New Orleans

Maine

Portland

Maryland

Annapolis

Baltimore

Frederick

Hagerstown

Massachusetts

Boston

Cambridge

Springfield

Michigan

Ann Arbor

Detroit

Grand Rapids

Minnesota

Minneapolis

Saint Paul

Mississippi

Jackson

Missouri

Kansas City

St. Louis

Nebraska

Lincoln

Omaha

Nevada

Las Vegas

Reno

New Jersey

Princeton

New Mexico

Albuquerque

New York

Albany

Buffalo

New York City

White Plains

North Carolina

Charlotte

Durham

Raleigh

Ohio

Akron

Canton

Cincinnati

Cleveland

Columbus

Dayton

Oklahoma

Oklahoma City

Tulsa

Oregon

Portland

Pennsylvania

Philadelphia

Pittsburgh

Rhode Island

Providence

South Carolina

Charleston

Columbia

Greenville

Tennessee

Knoxville

Memphis

Nashville

Texas

Austin

Dallas

El Paso

Houston

San Antonio

Utah

Salt Lake City

Virginia

Alexandria

Arlington

Norfolk

Richmond

Washington

Seattle

Tacoma

West Virginia

Charleston

Wisconsin

Madison

Milwaukee

Alberta

Calgary

Edmonton

British Columbia

Vancouver

Manitoba

Winnipeg

Nova Scotia

Halifax

Ontario

Ottawa

Toronto

Quebec

Montreal

Puerto Rico

San Juan