...
Producing secure code for applications is a key aspect of protecting GÉANT applications and systems. With the move towards multi-domain systems and services there is a greater emphasis on securing these multi-domain systems as well as ensuring secure deployment of them. The Secure Coding Training focuses on areas that affect the development and analysis of application's source code!
| Section |
|---|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | whiteWHITE |
|---|
| titleBGColor | #FF0000#77d1db |
|---|
| title | Secure Coding Training 2021 2024 (SCT 2021SCT24) |
|---|
|
 Image Added
TOPICS:- Continuous Integration / Continuous Development and Secure Development Life Cycle
- Continuous Integration / Continuous Development pipelines: cybersecurity top threats and best practices
- Secure Programming in Python – secure coding practices
- Secure Programming in Python – common vulnerabilities
- Overview of the SonarQube capabilities
- OWASP ASVS – reminder andcurrent status, incl. working in groups
- Write Hacker Proof Code – Malicious Code
- Write Hacker Proof Code – Files and Resources
|
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
|
|
| Section |
|---|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | WHITE |
|---|
| titleBGColor | #77d1db |
|---|
| title | Secure Coding Training 2023 (SCT23) |
|---|
|  Image Added
TOPICS:- How to design Continuous Integration and Continuous Development pipelines (CI/CD) with respect to Secure Development Life Cycle paradigm
- Secure Programming in Python
- Introduction
- Python gotchas
- Secure coding practices
- Tools and conclusions
- Practical workshop
- Writing Hacker Proof Code - Files and Resources
- Writing Hacker Proof Code - Session Management
- HackMe Contest
|
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
|
|
| Section |
|---|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | WHITE |
|---|
| titleBGColor | #77d1db |
|---|
| title | Secure Coding Training 2022 (SCT22) |
|---|
|  Image Added
TOPICS:- OWASP ASVS as a source of security requirements
- Fuzz testing
- Introduction and basic concepts
- Overview of selected tools workshop introduction
- Workshop
- Writing Hacker Proof Code – Validation, Sanitization and Encoding
- Writing Hacker Proof Code – Data Protection
- Continuous Integration / Continuous Development and Secure Development Life Cycle
- Review of the current freely available tools for static source code review
- HackMe Contest
|
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
|
|
| Section |
|---|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | WHITE |
|---|
| titleBGColor | #77d1db |
|---|
| title | Secure Coding Training 2021 (SCT21) |
|---|
| "Securing multi-domain systems" Image Added
TOPICS:- Popular attacks against Web applications workshop
- Continuous Integration / Continuous Development and Secure DevelopmentLife Cycle
- (ASVS based) Writing Hacker proof code – Authorization (Access control)
- (ASVS based) Writing Hacker proof code – Authentication
- (ASVS based) Writing Hacker proof code – Error handling and logging verification
- HackMe contest
|
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
| Panel |
|---|
| borderColor | #ecffeb |
|---|
| bgColor | #ecffeb |
|---|
| title | From the participants: |
|---|
| “High level of interest in most training topics”
"Scanning real source code and interpreting results is the most favored method of working directly with code" SCT 2021: let's meet virtually this year!
DATE:- The date will be established soon
- 4 days , Monday - Thursday
- 10:00-14:00 CEST every day
- Fully virtual training
REGISTRATION:TOPICS:- Secure Development Life Cycle and Continuous Integration
- Writing Hacker Proof Code - Authentication
- Writing Hacker Proof Code - Authorization and Access Control
- Writing Hacker Proof Code - Logging Verification and Error Handling
- The most popular Web application vulnerabilities workshop (new edition)
- Review of the current static analysis tools
- HackMe contest
More information about the training, including the agenda. Any questions? You may ask Gerard Frankowski (gerard.frankowski@man.poznan.pl)
|
|
|
| Section |
|---|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | white |
|---|
| titleBGColor | #77d1db |
|---|
| title | Secure Coding Training 2019 (SCT19) |
|---|
| "Producing Bullet-Proof Software for your Infrastructure"
TOPICS:- OWASP Application Security Verification Standard v. 4.0
- Implementing the most recent authentication and authorization methods
- New or improved security tools for the developer teams
|
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
| Panel |
|---|
| borderColor | #ecffeb |
|---|
| bgColor | #ecffeb |
|---|
| title | From the participants: |
|---|
| “Best practices (development, testing, deployment, workflows and concepts on type of attacks and some known/recent threats”
"More knowledge about GEANT project training resources, better knowledge about the state of projects participants skills"
"Knowledge, which was the main reason why I decided to participate. The training does not make me an expert in security, but it will help me in the future when it comes to security related issues" "Good concepts, info about best practices with tested examples. The subject is dense and the trainers made an effort to transmit these concepts in an easy and enjoyable way" |
|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #ebfffc |
|---|
| bgColor | #ebfffc |
|---|
| titleColor | WHITE |
|---|
| titleBGColor | #77d1db |
|---|
| title | Secure Coding Training 2020 (SCT20) |
|---|
| "Different this time and... it is happening!"
TOPICS: |
| Panel |
|---|
| borderColor | #ebeeff |
|---|
| bgColor | #ebeeff |
|---|
| ATTENDED BY: INDIVIDUALS NRENs |
| Panel |
|---|
| borderColor | #ecffeb |
|---|
| bgColor | #ecffeb |
|---|
| title | From the participants: |
|---|
|
|
|
|
...
