If you or any members of your team are interested in improving application security and strategies you can use to ensure secure coding and development of your applications, one convenient and accessible training option is a new online series from Security Innovation via their training library TeamProfessorTM. Starting Wednesday, July 20, eLearning courses will be available through the first Software Security Summer Series, a curriculum of six professional development courses being offered for the next six weeks by Security Innovation at no charge.
Developers, group managers, designers, architects and testers can learn techniques for proactively building security into the core and preventing many of the common issues that crop up later in the development process.
The schedule of courses is as follows:
- July 20: Fundamentals of Application Security
- July 26: Fundamentals of Secure Development
- August 3: How to Perform a Security Code Review
- August 10: How to Test for the OWASP Top Ten
- August 17: SDLC Gap Analysis & Remediation Techniques
- August 24: Architecture Risk Analysis
For more information or to register, check out www.securityinnovation.com.
SearchSoftwareQuality.com has several recent articles related to application security, including:
Application security: Testing for insecure file references Insecure file references are considered a significant security risk of Web applications. Security security expert John Overbaugh explains this attack and gives instructions on how you can test for and detect this vulnerability.
Application security: Testing for injection vulnerabilities A top security vulnerability in Web applications is an injection attack — one in which the Web application is tricked into treating input as if it were code, allowing a hacker to gain control of an application. Learn key techniques for how to effectively test for injection vulnerabilities.