EC-Council Certified Secure Programmer (ECSP) - Slechts 5 dagen

Zeven redenen waarom jij voor jouw ECSP cursus voor Firebrand kiest:

Bekijk deze video en zie waarom je met Firebrand geld en tijd bespaart

  1. Jij zal in slechts 5 dagen ECSP getrained zijn. Doordat onze cursussen residentieel zijn kunnen wij langere lesdagen aanbieden en zal je tijdens je verblijf volledig gefocust zijn op jouw cursus
  2. Onze ECSP cursus is all-inclusive. Cursusmaterialen, accommodatie en maaltijden zijn inbegrepen.
  3. Slaag de eerste keer voor ECSP of train gratis opnieuw. Vraag naar de voorwaarden van onze certificeringsgarantie bij onze Education Consultants.
  4. Je zal meer over ECSP leren. Waar opleidingen elders doorgaans van 9:00 tot 17:00 duren, kan je bij Firebrand Training rekenen op 12 uur training per dag!

  5. Je zal ECSP sneller beheersen. Doordat onze cursussen residentieel zijn word je in korte tijd ondergedompeld in de theorie. Hierdoor zal je volledig gefocust zijn op de cursus en zal je sneller de theorie en praktijk beheersen.
  6. Je zal voor ECSP studeren bij de beste training provider. Firebrand heeft het Q-For kwaliteitlabel, waarmee onze standaarden en professionaliteit op het gebied van training erkend worden. We hebben inmiddels 63.534 professionals getraind en gecertificeerd!
  7. Je gaat meer doen dan alleen de cursusstof van ECSP bestuderen. We maken gebruik van laboratoria, case-studies en oefentests, om ervoor te zorgen dat jij jouw nieuwe kennis direct in jouw werkomgeving kan toepassen.

Denk jij klaar te zijn voor deze opleiding? Doe een GRATIS oefentest om je kennis te testen!

Wanneer wilt u deelnemen aan een versnelde opleiding?

Start datum

Eind datum

Status

Locatie

Nu boeken

20/2/2017 (Maandag)

24/2/2017 (Vrijdag)

Beëindigde cursus

-

 

26/6/2017 (Maandag)

30/6/2017 (Vrijdag)

Wachtlijst

Landelijk

 

7/8/2017 (Maandag)

11/8/2017 (Vrijdag)

Beperkte beschikbaarheid

Landelijk

 

18/9/2017 (Maandag)

22/9/2017 (Vrijdag)

Open

Landelijk

 

30/10/2017 (Maandag)

3/11/2017 (Vrijdag)

Open

Landelijk

 

11/12/2017 (Maandag)

15/12/2017 (Vrijdag)

Open

Landelijk

 

Wereldwijd heeft Firebrand in haar 10-jarig bestaan al 63.534 studenten opgeleid! We hebben ze allemaal gevraagd onze versnelde opleidingen te evalueren. De laatste keer dat we onze resultaten analyseerden, bleek 96.49% ons te beoordelen als ‘boven verwachting’

"The trainer is a great instructor. He teached us very well!"
J. M.. - EC-Council Certified Secure Programmer (ECSP) (5 Dagen) (24/10/2016 t/m 28/10/2016)

"Good facilities, very knowledgeable instructor."
Anoniem - EC-Council Certified Secure Programmer (ECSP) (5 Dagen) (27/4/2015 t/m 1/5/2015)

"Every professional .Net programmer should have a security qualification. ECSP will give you that."
S.R. - EC-Council Certified Secure Programmer (ECSP) (5 Dagen) (27/4/2015 t/m 1/5/2015)

"The training was very comprehensive and covered a wide range of CEH topics. The instructor was very knowledgeable and able to relate the material in a way which was understandable. Overall great course!"
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (1/2/2016 t/m 5/2/2016)

"The amount of knowledge the trainer brought to us in one week was simply amazing. At times I did not get where his energy kept coming from. I dont think you can ask for much more. Well done! I learned a lot, and I learned a new way of thinking!!"
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (25/1/2016 t/m 29/1/2016)

"Cursus geeft een zeer goed overzicht van wat er mogelijk is op het gebied van Hacking."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (25/1/2016 t/m 29/1/2016)

"De instructeur had veel praktische ervaring dat zeker een meerwaarde geeft aan de cursus. Ga zo verder!"
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (25/1/2016 t/m 29/1/2016)

"Goede intensieve cursus met veel bruikbaar naslagwerk, gegeven door een zeer ervaren lesgever! Goede faciliteiten."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (25/1/2016 t/m 29/1/2016)

"Deze dagen heb ik geleerd dat er veel mogelijkheden zijn om te hacken. De bewustwording alleen al helpt ons al om beter te beschermen."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (25/1/2016 t/m 29/1/2016)

"The trainer gave me an excellent hand-on approach of teaching me the fundamental concepts of Ethical Hacking. He supplied me with wonderful tools, explanations and real life scenarios. He was making sure you'd understand the concepts he was teaching. The teacher prepared me in the best conceivable way he could, while I did whatever I could. I felt confident taking the CEH test. Having a full on knowledge about the concepts of hacking."
Jan Harm Broekman, Sint Antonius Ziekenhuis. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/12/2015 t/m 18/12/2015)

"Het is een zeer goede training. Er is volledige toegang tot het klaslokaal. De cursus is wel zwaar, maar het is zeker te doen. Ook kun je het examen uitstellen zonder probleem. Doordat de cursus op zo'n korte tijd gegeven wordt verlies je heel weinig tijd."
B.C., All Buro Solutions. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/12/2015 t/m 18/12/2015)

"Dit is de ideale manier om in een korte tijd skills op te bouwen"
Rudy Truyens. - EC-Council ECSA Certificering (5 Dagen) (26/10/2015 t/m 30/10/2015)

"Take a Firebrand course, you wont regret it!"
Anoniem - EC-Council ECSA Certificering (5 Dagen) (1/9/2014 t/m 5/9/2014)

" Een week bikkelen in hoog tempo met een docent die passie heeft voor het vak zorgen er voor dat je snel inzichten krijgt wat er nu wel en niet veilig is. De technieken die je je eigen maakt tijdens deze training zijn direct in de praktijk toepasbaar en zorgen er voor dat je maatregelen kunt gaan nemen. Een perfecte cursuslokatie gecombineerd met een groep enthousiaste mensen zorgen voor heldere en levendige discussies waardoor je nog meer wilt weten over hoe je de beveiliging kunt testen en tegenmaatregelen kunt nemen. Een kleine waarschuiwing is wel op zijn plek, na het volgen van de CEH zie je alles door andere ogen en met tijden vetrouw je niets of niemand meer!"
Wim Daans, RD Services. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (17/3/2014 t/m 21/3/2014)

"Prima cursus, snel en erg goed!"
Raymond vanderAa. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (17/3/2014 t/m 21/3/2014)

"Great teacher, perfect location. Learned a lot with high speed, it is really a challange. You will need to be well prepared and gain experience before attending."
Marco Tilburg, Query ITechnologies. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (17/3/2014 t/m 21/3/2014)

"Effectief snel leren, met de nodige humor."
Raymond van der Aa. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/1/2014 t/m 10/1/2014)

"Je bent 5 dagen lang alleen bezig met CEH. Geen afleiding door ander zaken."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/1/2014 t/m 10/1/2014)

"De instructeur weet je 5 dagen te boeien door de manier waarop hij de complete CEH materie behandeld. Geen powerpoint slides maar een verhaal met praktijkvoorbeelden en nuttige tips. Wanneer je later de materie bestudeert, blijkt dat de instructeur het heeft behandeld."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/1/2014 t/m 10/1/2014)

"Zeer kundige docenten, mensen die uit het veld komen en weten waar ze over spreken. "
Anoniem, ministerie van Binnenlandse zaken - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (11/11/2013 t/m 15/11/2013)

"In slechts 5 dagen krijg je alle relevante kennis aangedragen die je nodig hebt voor je certificering. 5 dagen bikkelen heeft zeker resultaat."
Gerwin Aalderink, Rabobank. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (11/11/2013 t/m 15/11/2013)

"Fast-paced super focused training is what you really need to quickly gain new skills, or improve on your current skills. Obviously, the quality of the teacher is also imperative and I found the instructor to be an exceptional eacher who manages to cover a lot of material whilst at the same time spicing it up with humor and real-life stories out of his vast professional experience. This really helps to make it stick. I also must mention the fact that the venue is excellent, with very friendly staff and excellent food, even if you have a food allergy or intolerance"
Anoniem, ORBATEC - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (11/11/2013 t/m 15/11/2013)

"Intensieve training van ervaren docent. Veel kennisoverdracht in korte periode. "
Jan Ysebaert, all-project BVBA. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (9/9/2013 t/m 13/9/2013)

"Very nice training and had a very nice week, thank you Firebrand!!"
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (9/9/2013 t/m 13/9/2013)

"The course is very insightful,but at the same time very fun. Although you need some knowledge before hand, to help you along your journey to be certified ethical hacker."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (9/9/2013 t/m 13/9/2013)

"The logistics, service, accommodation, course material; everything is well organised and complete. Really nice place (in Guldenberg), nice quiet surroundings; Firebrand has chosen a good location for their course. The course itself was fast paced and attention grabbing and gripping (CEH). Entertaining Instructor."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/7/2013 t/m 12/7/2013)

"The CEH course provided an excellent insight and the course delivery ensured the more in depth topics were presented in a easy to understand way."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (13/5/2013 t/m 17/5/2013)

"Zeer leerzaam, veel inhoud en handson. Een leraar die vanuit de praktijk en ervaring spreekt. Wel hele lange dagen."
PB, Gemeente Maastricht. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/2/2012 t/m 10/2/2012)

"Een cursus met veel praktijk. De docent weet de materie goed over te brengen en geeft voorbeelden uit de praktijk. "
Marco Hermans, Gemeente Maastricht. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/2/2012 t/m 10/2/2012)

"Geweldig, praktijk gerichte opleiding met een zeer ervaren docent. Zeker aan te bevelen voor de techneuten tussen ons."
Anoniem - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/2/2012 t/m 10/2/2012)

"Zeer gedreven instructeur met gedegen ervaring uit de praktijk. "
Bert-Jan van der Burg, Van Houtum BV. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (6/2/2012 t/m 10/2/2012)

"The instructor was very knowledgable, and I would participate another course with him as the instructor. I am likely to attend the follow up course in the UK in April 2016. "
R.S., CACI . - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/12/2015 t/m 18/12/2015)

"The teacher is a really good guy, he has a really good way of teaching the course. He explains it with examples etc. The overall impression of the lecture is really good. It also opened my eyes in security and I'm planning to do the next ec-council and hope this same instructor will do the course, he did a really good job. "
B.C., All Buro Solutions. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/12/2015 t/m 18/12/2015)

"Extreme focus, very experienced trainer, great exam preparation, sure to pass"
Anoniem - EC-Council Computer Hacking Forensics Investigator (CHFI v9) (5 Dagen) (30/11/2015 t/m 4/12/2015)

"I really enjoy the Firebrand training format. The trainer was passionate and knowledgeable about the material he was teaching."
Arjen Post. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/7/2013 t/m 12/7/2013)

"The CEHv8 Firebrand Training was very, very good. Five days non-stop training by an excellent teacher with loads of experience."
Robert Jan van der Burght, Kadaster. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/7/2013 t/m 12/7/2013)

"If you want to test your IT and TI skills for becoming a security specialist this is the way to start. Be prepared to get on a technical challenging rollercoaster and get inspired with new ideas."
Ronald van Dorp, KPN. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (15/10/2012 t/m 19/10/2012)

"The CEHv7 training was lot of fun! Nice hacking and lost of study materials I like it this way!!"
Maurice Janmaat, Ordina. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (15/10/2012 t/m 19/10/2012)

"Fine, quick and accurate instructor with very up to date knowledge. Training facilities are fine: small room, good food, nice surroundings."
N.B. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/10/2012 t/m 12/10/2012)

"Ive been successfully training with Firebrand for some years now. Cisco up till now (CCNA, CCDA, CCNP & CCDP), so CEH this time round was something totally different. Hard work and challenging, but really enjoyed it. Firebrand have certainly got this type of training sorted!"
Andrew Ian Trow, Harmonic. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/5/2017 t/m 12/5/2017)

"Firebrand has best place, friendly environment and best instructors"
Rami Aldhafiri, Boubyan Bank. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (8/5/2017 t/m 12/5/2017)

"Excellent instructor, excellent facilities, fantastic experience. Highly recommended to anybody considering training. The best learning experience by far."
J.L, cybsec. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/4/2017 t/m 18/4/2017)

"Firebrand as a whole experience has been an eye-opener not only the course but the rest of the class learning, the instructor was really easy to talk to and go to for anything. The whole stay has been something that I would recommend to anyone who is trying improve their career. Firebrand, for my personal opinion, have been as professional as one can except (and some). Everyone from Firebrand has been really helpful and especially the Instructor. It doesn`t matter what time of the day it was he was there for you for literally anything - not just question about the courseware. If there was 11 I would have said 11/10. "
Artur Ramadani, Contractor. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/4/2017 t/m 18/4/2017)

"Starting as a very newbie to much of the material, I come out so much more able and knowledgeable in this arena. The practical exercises coupled with great presentation of the material and the clear deep expertise of the instructor meant the course flew by but delivered great learning"
Timothy Canning, GTE Ltd. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/4/2017 t/m 18/4/2017)

"Firebrand is exactly what is says on the tin. It's hard work and intense but by far the best way of working. "
Chris Owen, BeyondTrust. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (14/4/2017 t/m 18/4/2017)

"Wonderful trainer, really focusing on the individual. It is a tough week but the insight you get and things you learn go way beyond any other courses I have attended."
C.G, GCASSOCIATES GmbH. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (27/3/2017 t/m 31/3/2017)

"This is the second time I have taken a Firebrand course and have enjoyed my time at Wyboston again. The instructor is extremely knowledgeable and the content of the course was very engaging."
Tom Sweet, Software Escrow Solutions. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (27/3/2017 t/m 31/3/2017)

"Firebrand is an excellent choice for IT specialists in the UK. Very professional and highly recommended, the number 1 choice for my company. Having experienced the training first hand I will not hesitate to recommend this company, the courses, and the staff, with the excellent facilities provided to my employees and any anybody considering taking certified training in the UK"
John Lynch, CybSec Ltd. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (27/3/2017 t/m 31/3/2017)

"Hard work, long hours, but interesting and fun! Great instructor!"
Mark Elvidge, Uplinkman Ltd. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (20/2/2017 t/m 24/2/2017)

"Wonderfull training.The trainer provided so much technical informations and Lab exercices. The course was really hands-on. "
Gbessi Vincent TOH, T-Inet Consulting. - EC-Council Certified Ethical Hacker (CEH v9) (5 Dagen) (20/2/2017 t/m 24/2/2017)

Learn how to code and develop secure applications with greater stability and posing minimal security risks to the consumer. Get your EC-Council Certified Secure Programmer certification in just five days. Depending on whether you're used to working with .NET or Java, you'll be able to tailor your course based on the environment you work in. Choose either the .NET or Java labs and exam - and get the accreditation you want.

As an ECSP you'll improve the overall quality of your products and applications by identifying security flaws and implementing security countermeasures throughout the software development life cycle. This course is based on the OWASP (Open Web Application Security Project) Top Ten Threats, a guide to the most common categories of application security problems.

What you'll learn

This course builds on your development skills in C#, C++, Java, PHP, ASP, .NET and SQL. You'll learn about key secure programming topics, including:

  • Framework Security
  • .NET Authentication and Authorisation
  • .NET & Java Cryptography
  • Secure File Handling

If you're designing and building Windows/Web based applications with .NET/Java, the ECSP certification is for you. You'll learn the latest techniques and strategies in secure programming through classroom discussions and a series of practical labs.

8x Accredited Training Centre of the Year

Accredited Training Centre of the Year

Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to eight years.

Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”

Lees meer ...

Belangstelling? Zie onze prijzen of bel ons op 024-8457770

This course will significantly benefit programmer and developers concerned about the security of their code.

Technical certification is a sound investment in your career - and your organisation. Although certification does not guarantee success, research has shown that it can have a significant impact on:

  • Morale and confidence
  • Efficiency and productivity on the job: 85% of managers view certified employees as more productive (Gartner Study)
  • Career advancement: 70.8% of IT managers view certification as a criteria for promotion (Gartner Study)
  • Financial rewards

Lees meer ...

Belangstelling? Zie onze prijzen of bel ons op 024-8457770

The curriculum will focus on your chosen ECSP certification language of either .NET or Java.

Introduction to Application Security

  • Become Familiar with. Application Security
  • Understand the Need for Application Security
  • Key Elements of Framework Architecture Security
  • Framework Security Features
  • Top 10 Security Attacks For OWASP
  • Secure Development Lifecycle (SDL)
  • Threat Modeling Process
  • Security Testing
  • Learn Various Secure Coding Principles
  • Guidelines for Developing Secure Codes
  • Confidentiality
  • Integrity
  • Availability
  • Minimal attack surface areas
  • Secure defaults
  • Principle of least privilege
  • Principle of defense in depth
  • Fail securely
  • External systems are insecure
  • Separation of duties
  • No security by obscurity
  • Simplicity
  • Fix security issues correctly

Framework Security

  • Become Familiar with Framework Architecture
  • Learn Framework Runtime Security Model
  • Understanding you’re only as secure as your Framework
  • Role-Based Security
  • Code Access Security (CAS)
  • Evidence-Based Security
  • Permissions and Permissions Classes
  • Become Familiar with Stack Walking Process
  • Isolated Storage
  • Learn About Class Libraries Security
  • .NET Assembly Security
  • Understand Common Threats To .NET Assemblies and Classes

Input Validation and Output Encoding

  • Understand Need of Input Validation
  • Various Input Validation Approaches
  • Learn Various Validation Controls
  • Understand Common Input Validation Attacks
  • Learn Defensive Techniques for XSS Attacks
  • Validation Control’s Vulnerabilities
  • Learn Mitigation Techniques for Validation Control’s Vulnerabilities
  • Learn Defensive Techniques for SQL Injection Attacks
  • Learn Output Encoding To Prevent Input Validation Attacks
  • Sandboxing to Prevent Input Validation Attacks
  • Various Sandboxing Software
  • Best Practices for Input Validation

.NET Authentication and Authorization

  • Authorization and Authentication Processes
  • Understand Common Threats on Authorization and Authentication
  • Authentication and Authorization Security Architecture
  • Understanding the Security Relationship between IIS and ASP.NET
  • Authentication and Its Modes in Detail
  • Authorization and Its Types in Detail
  • Become Familiar with Impersonation and Delegation Concepts
  • Mitigate Authentication and Authorization Vulnerabilities
  • Best Practices for Authentication and Authorization
  • Become Familiar with Secure Communication Concepts

Secure Session and State Management

  • Session Management Concepts
  • Security Principles for Session Management Tokens
  • Common Threats on Session Management
  • The Session Management Techniques
  • Various Session Attacks
  • Defensive Techniques against Session Attacks
  • Become Familiar with Cookie-Based Session Management
  • Cookie Security
  • Viewstate in .NET or HTTP Session Class in Java - Based Session Management
  • Common Threats on Viewstate in .NET or HTTP Session Class in Java
  • Viewstate in .NET or HTTP Session Class in Java Security
  • Guidelines for Secure Session Management

.NET & Java Cryptography

  • Become Familiar with Cryptography in .NET and Java
  • Understand Different Types of Cryptographic Attacks In .NET and Java
  • Become Familiar with Symmetric Encryption
  • Learn How to Secure Symmetric Encryption
  • Become Familiar with Asymmetric Encryption
  • Learn How to Secure Asymmetric Encryption
  • Become Familiar with the Hashing Concept
  • Reversing Hashing - EG. Cracking Passwords

Quick Overview on Password Cracking and how it affects programmers

  • Learn How to Implement Security in Hashing
  • Digital Signatures – If it is valid does that mean it’s not malicious?
  • Digital Certificates – The process start to finish
  • XML Signatures

Error Handling, Auditing, and Logging

  • Errors and Exception Handling
  • The Principles of Secure Error Handling
  • Different Levels of Exception Handling
  • Mitigate Vulnerabilities in Class Level Exception Handling
  • Manage Unhandled Errors
  • Guidelines and Checklists for Proper Exception Handling
  • Become Familiar with Logging and Auditing Process
  • Common Threats to Logging and Auditing
  • Become Familiar with Log Throttling Process
  • Learn How to Implement Windows Log Security against Various Attacks
  • Best Practices and Checklists for Auditing and Logging Security
  • Various Logging Tools

Secure File Handling

  • File Handling Concepts
  • Understand File Handling Security Concerns
  • Path Traversal Attacks on File Handling
  • Learn Defensive Techniques against Path Traversal Attack
  • Canonicalization Attack on File Handling
  • Learn Defensive Techniques against Canonicalization Attack
  • Static Files and their Security
  • The Security of File I/O Using Absolute Path and Map path
  • Security While Uploading Files
  • Become Familiar with the File Extension Handling Concept
  • File ACLS
  • Checklist for Securely Accessing Files

Configuration Management and Secure Code Review

  • Configuration Management
  • Common Threats on Configuration Management
  • Machine Configuration Files or Web XML or Properties Class in JAVA
  • Mitigate the Vulnerabilities in Machine Config Files or Web XML or Properties Class in JAVA
  • Application Configuration Files or Web XML or Properties Class in JAVA
  • Mitigate the Vulnerabilities in App Config Files or Web XML or Properties Class in JAVA
  • Code Access Security Configuration Files or Web XML or Properties Class or Web XML or Properties Class in JAVA
  • Policy Configuration Files
  • Best Practices for Configuration Management
  • Become Familiar with Secure Code Review
  • Security Code Review Approaches
  • Various Static Code Analysis Tools

JavaScript – Just don’t do it, but if you have to…

  • XSS
  • Reflected
  • Stored
  • DOM
  • XSRF
  • Click Jacking
  • Script Injection

Buffer Overflow

  • Write and implement a buffer overflow on various vulnerabilities

Reversing Java and .NET

  • Both Java and .NET compile to byte code which can be reversed
  • Learn techniques to secure your hard earned code.

OWASP Hands-On Labs:

Unvalidated Redirects and Forwards Lab

  • Testing the attack
  • Fixing the problem on the client side
  • Fixing the problem on the server side

Insufficient Transport Layer Protection Lab

  • Insecure pages
  • Secure login cookies
  • Secure other cookies

A8 Failure to Restrict URL Access Lab

  • Mounting the attack
  • Another hole

Insecure Cryptographic Storage Lab

  • Mounting the attack
  • Preparing to encrypt the file
  • Encrypting the file
  • Decrypting the file
  • Replaying the attack
  • Zeus

Security Misconfiguration Lab

  • Problem 1
  • Problem 2
  • Problem 3
  • Problem 4
  • Mounting an attack
  • Hardening the site

Cross Site Request Forgery Lab

  • Preparing
  • Mounting the attack
  • Hardening the site with a CAPTCHA
  • Re-running the attack
  • Protecting CSRF with synchronizer token pattern
  • Re-running the attack

Insecure Direct Object Reference Lab

  • Mounting the attack
  • Hardening the site
  • Hardening in .Net

Broken Authentication and Session Management Lab

  • Mounting the attack
  • Hardening the site with IP checking
  • Hardening the site with authentication

Cross-Site Scripting Lab

  • Testing for a vulnerability
  • Mounting the attack
  • Hardening the site – encoding output
  • Hardening the site – Using the Anti-XSS library

Injection Flaws Lab

  • Mounting the attack
  • Advanced attack vectors
  • Hardening the site with parameters
  • Bonus! Hardening the site with a whitelist
  • Protecting your update with a whitelist
  • Protecting your update with parameters

Information Leakage and Improper Error Handling Lab

  • Mounting the attack
  • Turning specific errors on
  • Create custom error pages
  • Capturing the error

Cryptography Lab

  • Exploring existing controls

Provider Model Lab

  • Exploring existing controls
  • Add the link
  • Add the page

Click jacking Lab

  • Testing the vulnerability
  • Protecting with X-Frame-Options
  • Protecting with frame-breaking JavaScript

Phishing Lab

  • Creating an uncomplicated site
  • Routes and default values
  • Sending an email

Static Code Analysis Lab

  • Testing the attack

Lees meer ...

Belangstelling? Zie onze prijzen of bel ons op 024-8457770

Depending on the environment you're used to working in, you'll choose and sit one of the following exams:

  • EC-Council ECSP Java Exam: 312-94
  • EC-Council ECSP .NET Exam: 312-93

Lees meer ...

Belangstelling? Zie onze prijzen of bel ons op 024-8457770

Included:

Depending on the environment you're used to working in, you'll choose one of the following sets of courseware:

EC-Council ECSP Java

EC-Council ECSP .NET

Lees meer ...

Belangstelling? Zie onze prijzen of bel ons op 024-8457770

The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET/Java Framework. It is designed for developers who have C#, C++, Java, PHP, ASP, .NET and SQL development skills.

In order to attend successfully you must have programming fundamental knowledge.

Weet je niet zeker of je voldoet aan de vereisten?

Firebrand levert in een afleidingsvrije omgeving waardoor je je volledig kan focussen op de te bestuderen materie. We bespreken graag jouw technische achtergrond, ervaring en kwalificaties om vast te stellen of deze versnelde cursus voor jou geschikt is.

Belangstelling? Zie onze prijzen of bel ons op 024-8457770