Re: Suggested Security and Performance Programming Classes

["Dave Wichers" <dave.wichers () aspectsecurity com>]

JZ,

Aspect Security, who leads the OWASP Top Ten Project, offers developer
training courses that focus on how to develop secure web applications.  We
offer a one day and two version of the course. The one day course is pure
lecture and the two day course iintegrates a lab into the course where the
students get to exploit the kinds of vulnerabilities we describe in the
class. The lab is centered around WebGoat which is another OWASP project led
by Aspect.

More info on WebGoat and the Top Ten can be found at www.owasp.org.

More info on our course can be found at:
http://www.aspectsecurity.com/train.html

Thanks, Dave


Dave Wichers, COO
dave.wichers () aspectsecurity com
(443) 745-6268 (work)
(301) 604-4882 (main)
(443) 583-0772 (fax)

Aspect SecurityT
Securing your applications at the source
http://www.aspectsecurity.com

Do your developers know the top ten web application security mistakes?




----- Original Message ----- 
From: Jz z123
To: webappsec () securityfocus com
Sent: Tuesday, April 27, 2004 9:47 PM
Subject: Suggested Security and Performance Programming Classes




List-



Over the past few months I have been using my knowledge gained
throughout the securityfocus.com lists to heighten the awareness of how
serious
web based application security vulnerabilities (SQL Injection, Cross
Site Scripting etc..) can be.  In response to this awareness the CIO
asked that I research to determine if there are any commercially available
books and/or training classes that specialize in teaching these lessons
to our development staff.  He has also asked if I could research to
determine if there are any suggested training and/or books that are good
for coding for performance.



Development platform: C#, ASP.net, SQL server 2000.



Thanks for your input and suggestions.





-         JZ