Search Training

EC-Council Certified Secure Programmer .NET (ECSP.NET)

Course Overview

The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications.

Who Should Attend

The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET Framework. It is designed for developers who have .NET development skills.

Course Outline

1 - Introduction to .NET Application Security

  • Microsoft .NET Application Security
  • Common Security Threats on .NET
  • Secure Development Lifecycle (SDL)
  • Secure Coding Principles
  • Guidelines for Developing Secure Codes

2 - .NET Framework Security

  • Introduction to .NET Framework
  • .Net Runtime Security
  • .NET Class Libraries Security
  • .NET Assembly Security
  • .NET Security Tools
  • Best Practices for .NET Framework Security

3 - Input Validation and Output Encoding

  • Input Validation
  • Input Validation Attacks
  • Defensive Techniques against XSS Attacks
  • Defensive Techniques against SQL Injection Attacks
  • Output Encoding
  • Sandboxing
  • Best Practices

4 - .NET Authorization and Authentication

  • Introduction to Authentication and Authorization
  • Authentication
  • Authorization
  • Authentication and Authorization Vulnerabilities
  • Authentication and Authorization Best Practices
  • Secure Communication

5 - Secure Session and State Management

  • Session Management
  • Session Management Techniques in ASP.NET
  • Session Attacks and Its Defensive Techniques
  • Securing Cookie Based Session Management
  • ViewState Security
  • Guidelines for Secure Session Management

6 - .NET Cryptography

  • Introduction to Cryptography
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hashing
  • Digital Signatures
  • Digital Certificates
  • XML Signatures

7 - .NET Error Handling, Auditing, and Logging

  • Error Handling
  • Exception Handling in ASP.NET
  • Exception Handling Best Practices
  • Auditing and Logging
  • Auditing and Logging Best Practices
  • .NET Logging Tools

8 - .NET Secure File Handling

  • File Handling
  • Attacks on File and Its Defensive Techniques
  • Securing Files
  • File Extension Handling
  • Isolated Storage
  • File Access Control Lists (ACLs)
  • Checklist for Securely Accessing Files

9 - .NET Configuration Management and Secure Code Review

  • Configuration Management
  • Machine Configuration File
  • Application Configuration Files
  • Code Access Security Configuration Files
  • Configuration Management Best Practices
  • Secure Code Review
  • Static Code Analysis Tools

Enroll Today

This is a 3-day class

Price: $2,097.00
Payment Options

ILT Instructor‑Led Training


GTR  Guaranteed to Run

Class times are listed Eastern time. This class is available for Private Group Training

To sort by location or date, click the ‘When’ and ‘Where’ column headings.

Class dates not listed.
Please contact us for available
dates and times.