...
Producing secure code for applications is a key aspect of protecting GÉANT applications and systems. With the move towards multi-domain systems and services, there is a greater emphasis on securing these multi-domain systems as well as ensuring secure deployment of them. This year's Secure Code Training will focus on areas that affect the development and analysis of application's source code.
Emphasis on understanding threat and risk modelling will enable developers to think about security from the very earliest stage of the project lifecycle.
Apart from the main security concepts for this session, a review of the most significant bad and good programming practices covering Perl, Python and shell scripting languages will be covered.
The training will contain an extensive hands-on workshop aspect. The workshop will be divided into four blocks, covering specific coding security problems which lead to various security vulnerabilities. After covering the theoretical basics, the participants will begin to search for the vulnerabilities which were covered, and analyse the code of the modified MDS tools. At the end of the practical part, participants will have the opportunity to take part in a "HackMe" contest, where they will be able to further strengthen the knowledge that they will have obtained during the workshop.
Organizers of the training will review received preregistration application forms and choose a group of participants with a coherent level of knowledge in programming languages. All applicants will be notified in a week after the preregistration is closed.
Objectives
Attendees having completed this training should be able to:
...