The Certified Application Security Engineer (CASE) training and certification program provides a comprehensive application security approach which encompasses security activities involved in all the phases of Software Development Lifecycle (SDLC).
The .Net framework has increased in popularity because of its open source nature, interoperability, language independence, library of codes and ease of deployment. It has become the preferred choice of application developers. However, there are not many training programs that address secure application development.
While .Net developers often learn security on the job, primarily because the basic education of programming does not usually cover or emphasize security concerns, the CASE program trains these developers to place importance on security.
Course outline
Understanding Application Security, Threats, and Attacks
Security Requirements Gathering
Secure Application Design and Architecture
Secure Coding Practices for Input Validation
Secure Coding Practices for Authentication and Authorization
Secure Coding Practices for Cryptography
Secure Coding Practices for Session Management
Secure Coding Practices for Error Handling
Static and Dynamic Application Security Testing (SAST & DAST)
Secure Deployment and Maintenance