Upcoming Classes

Sorry, there aren't any upcoming classes in this course. Check back often for frequent updates!

Classes in Your Area

ACE offers on-site IT training to organizations throughout the country. If you have a group in need of computer training, we will come to you.

Agency Security Training

Advanced Security by Academy of Computer Education is a preferred training vendor to many of the nation’s top military and government agencies. Our top clients include the Army, Navy, FBI, DIA, DHS to name a few. Here are some agency home pages that may help you in your training approval process:

» Army

» DHS

» DIA

» DISA

» FBI

» Government Agencies

» Navy

GSA # GS-35F-0431S

Awards and Recognitions

Throughout the past decade of security training that we have offered we have received awards and achieved milestones in the industry that display our dedication to success in Information Assurance training. Some of these include:

» EC-Council ATC Circle of Excellence 2012

» EC-Council ATC of the Year 2011 - #1 EC-Council Training Provider in the World

» EC-Council ATC of the Year 2010 - #1 EC-Council Training Provider in the World

» EC-Council ATC Circle of Excellence 2009

» EC-Council Instructor Circle of Excellence 2009

» CompTIA Authorized Partner

» Microsoft Official IT Academy

» ITSQ Security Trainer of the Year 2009

Maryland Campus
7833 Walker Drive, Suite 520C
Greenbelt, Maryland 20770
Phone: (301) 220-2802
Toll-Free: (877) 564-TRAIN
Fax: (301) 220-3814

Virginia Campus
45195 Research Pl, Suite 120
Ashburn, VA 20147
Phone: (571) 209-9234
Toll-Free: (877) 774-9234
Fax: (571) 209-9238

Request Class Information

What location would you like to attend

How many years of IT work experience do you have? (Required)

Which course are you interested in?
(Required)

Contact Information

First Name (Required)

Last Name (Required)

Email Address (Required)

Phone # (Required)

Enter the 3 characters below to continue:

By clicking submit I agree to the TrainACE Privacy Policy and I am aware that my contact information will not be shared with any 3rd party vendors.

Take This Course Online

Looking to take this class as an online or computer based course from home? We have two solutions to choose from:

1) Instructor-Led Live Online - Click Here

2) Self-Paced Pre-Recorded - Click Here

Category: Cyber Security | Vendor: EC-Council

Secure Coding / Application Security Training - Classes for the ECSP and CSSLP Certifications

Secure coding / application security is the practice of developing applications, whether for desktop or the web, in such a manner as to provide defense-in-depth against malicious attacks. Although security and threat modeling discussions often focus on the network and hardware resources to be implemented, software should be written with an approach of defensive coding as well.

Secure coding is not intended to be a practice that creates invulnerable systems. However, it is expected to reduce risk and mitigate damage from a security breach. As an example of mitigation of risk, consider that an application often requires database access in order to store and manipulate data. The credentials available to the application should be only provided limited access to the database in question, so that if the application is compromised the breach, while not prevented, is still hopefully limited. The intention of secure coding is to attempt to provide a 'last resort' defense tactic, which is not intended to replace hardware and network level security, but add additional layers to the existing strategy.

Some of the best practices for secure coding, regardless of language, include items such as consistent input validation and least privilege. Checking inputs not only for expected values but for attempts to pass in malicious data is a must for effective security. In addition to validation, compiler warnings often indicate potential areas that should be addressed. It is, unfortunately, all too common for developers to become inured to the compiler messages that don't cause a build to fail.

Additionally, usage of a 'default deny' method for access is considered best practice. An example of this would be a white list of allowed users or data as opposed to a black list of blocked users. Simplicity in design is an effective tool to prevent overly engineered code, which may inadvertently expose areas that could be compromised.

Secure Coding / AppSec Training Pricing and Schedule

If you are looking for an application security / secure coding training class, then we have the solution. You can request a proposal for training for your group. We can perform the class on a Monday through Friday, daytime schedule at your location or ours. to request a training proposal, click the link below and provide us with as many details about your specific needs as possible.

Our training can prepare you for the EC-Council ECSP Certification or the ISC2 CSSLP Certifcation.

Secure Coding Training Pricing

$2995.00 Per Enrollment

News Related to Secure Coding

There are no current articles related to this course. Please check back soon!