SANS Software Security Series 2007

SANS Software Security Series is the industry's only two-day event providing application developers and system administrators an opportunity to learn the best ways to implement security during the software development lifecycle. Space is limited, so register today!

Click for Calendar of Events

Who Should Attend

• Web application system and security administrators
• QA analysts who want to learn the mechanics of web applications for better testing
• Anyone interested in techniques for securing Web applications

What You Will Learn

Note: Course offerings may vary by location.

SANS Software Security Series was designed to provide you with the knowledge and skills you need to ensure the web applications within your organization are secure. Our courses cover topics from the principles of securing Web applications and the common vulnerabilities, testing, PCI compliance, securing web applications through Web Services and AJAX, assuring, testing and auditing JAVA, and helping managers understand secure web services and how to work with their web team the right questions and give the right guidance.

Here is a listing of courses currently offered in this series:

Web Application Security Workshop - An advanced, hands-on, action packed course covering the principles of securing Web applications and the common vulnerabilities that are leveraged by attackers as well as general defense techniques to protect against future attacks.

Intro to Pen Testing Web Apps - This class gives you the know-how to test common vulnerabilities in web applications so you can hit the ground running when it comes to testing web application's security posture.

Secure Coding for PCI Compliance Boot camp: OWASP and More - With more than 10 hands on exercises and a focus on the OWASP top ten issues, this one day bootcamp course will provide many of the skills programmers need to write secure code AND help you meet your PCI requirements.

Ajax and Web Services Security Overview - This one-day hands-on course covers the security issues, mitigation strategies and general best practices for implementing AJAX and Web Services.

Java Quality Assurance, Security Testing and Auditing - This course is designed to fully equip the risk manager, auditor, developer or security professional tasked to audit Java/J2EE web-based applications for security vulnerabilities.

Secure Web Services for Managers - By the end of the class you will understand secure web services and will be ready to ask your web team the right questions and give the right guidance.

Secure J2EE Development: Data Validation Module - This long-awaited class is for Java Enterprise Edition developers who are serious about security. Move beyond simply knowing about attacks, and into secure techniques that allow you to protect your applications. Don't just listen to somebody tell you what's secure: learn how to implement input validation and output encoding with actual hands-on programming examples.

Introduction to Using Regular Expressions - Regular Expressions, also known as RegEx, are a compact way of describing complex patterns in text. RegEx patterns can be used to find, replace, edit, and filter text in files and databases. As an IT professional you may already know some RegEx. If you're like most of us, you probably dread RegEx but you also know that it's something you need to learn. This is your chance to improve your RegEx skills with the SANS RegEx course.