The security of (web) applications is becoming increasingly important. This is apparent, among other things, from the increasing number of security incidents and the rapidly growing cybercrime.
In practice, the security of a (web) application is often tested only after delivery. Security is not anchored in the lifecycle of the application (security by design). Errors or weaknesses in the software are therefore not or difficult to repair. In the eyes of Qbit it is important to pay attention to security at every stage of the development cycle of (web) applications, whether this is devops, agile or a more traditional method.
“During the development of an application, you can have the quality of the source code evaluated and / or train your employees in secure programming.”
In addition to increasing the awareness of the developers, the main objective of the workshop is to increase the knowledge and especially the skills of the participants in the field of ‘secure programming’. The training, besides theory and a hacklab, has a practical part in which developers practice with the provided theory and tools. The exercises are available in Java and .Net (#C).
The participants learn, on the basis of theory, practical examples, exercises and discussions, how structurally safe (web) applications are developed so that they can withstand frequent attacks (OWASP top 10) such as: SQL injection, Cross-Site Scripting, Cross-Site Request Forgery and abuse of weak authentication. With the ‘Secure Development Lifecycle’, attention is paid to all phases of the software development process: from requirements and designs, to implementation, testing and support.
Benefits of a Secure Development Training:
- Makes your development team aware of vulnerabilities hackers exploit.
- Learns developers to program inherently secure.
- Makes information security an integral part of the development cycle of an application.