Limes Academy / Security Engineering Training / SEC.302 Secure Coding C#

SEC.302 Secure Coding C#

During the Secure Coding for C# training, different C# language features will be introduced that can contribute to the stability of the code and are necessary as a basis for the development of robust code. In addition, cryptographic concepts such as encryption, hashing or digital signatures are discussed. You will learn how to achieve robust session management using meaningful access controls. Classic web attacks such as cross-site scripting and SQL injection are explained and how to protect against them is demonstrated. Finally, we discuss how code reviews and static analyses are performed to achieve optimal code quality. For a better understanding, the topics are explained using practical exercises.

The training is particularly recommended for

developers who do develop on a daily basis.The training offers a healthy mix of Back-end and Front-end developer topics and also includes several topics regarding for Software Architects.

The training in a nutshell

  • Ideal entry-level training for secure software development
  • Duration: 3 days
  • Course Language: German or English
  • Requirements: No previous knowledge, own notebook necessary
  • Completion with certificate of participation
  • Public and in-house training possible

Content of training

The participants can expect the following content for the selected training:

Tag 1

  • Introduction to IT-Security
    • Evolution of Cyber-Attacks
    • Types of Attackers
    • IT-Security 101
  • Cryptography
    • Encryption
    • Hashs
    • Signatures
    • Public-Key Infrastructure and Certificates
    • Transport Layer Security (TLS)
  • Authentication & Authorization
    • Passwords
    • Problems with Password-based Authentication
    • Brute-Force-Attacks

Tag 2

  • Authentication & Authorization Part 2
    • Secure Session Management
    • Forwards and Redirects
    • Security-Frameworks
  • Injection Attacks
    • SQL Injections
    • OS Command Injection
    • Cross Site Scripting (XSS)

Tag 3

  • C# Language Security
    • Data Types
    • Encapsulation
    • Exception Handling
    • Logging
    • Multi-Threading
    • Code Signing
  • Secure Communication
    •  XML Injections
    • Windows Communication Foundation
    • Web Apps and TLS/HTTPs
  • Revision
    • Code Review
    • Static & Dynamic Analyse
    • Secure Software Development Process

After the training the participants should…

  • understand how attacks work and start thinking like an attacker
  • understand why secure software development is important and why to implement it
  • understand what steps are necessary for a secure software development
  • be capable to integrate secure development into their area of responsibility


SEC.302 C# Secure Coding 



 for security basics in software development 

Dates and registration

09 March 2021

SEC.301 Secure Coding Java

09. March - 11. March
20 April 2021

SEC.302 Secure Coding C Sharp

20. April - 22. April
05 October 2021

SEC.303 Secure Coding Web

05. October - 06. October