Threat Modeling is quickly becoming a required process for software development. Threat Modeling is a process designed to systematically identify systemic threats to an application architecture. Increasingly, organizations are recognizing the usefulness of effectively modeling the threats to their applications before they are deployed. This two-day class day class is targeted at Software Developers and Project Managers, introducing them to the concepts and methodologies of Threat Modeling.

Security isn’t nearly as effective when it is tacked on at the end of a project. It must be part of the development life-cycle from the beginning. These two-day courses are focused on Java and .NET developers and are designed to better prepare developers to make security an integral part of their development. Written by industry-leading security researchers, these classes cover security issues and tools specific to the Java and the .NET framework, to better prepare students to do it right the first time. This class has been delivered at BlackHat Vegas.

In this two-day course, students will push the limits of ASP.NET, and will learn how ASP.NET applications and environments are exploited by skilled attackers. Advanced exploitation techniques will be presented together with low-level technical analysis of the .NET Framework. Students will also learn advanced defense techniques, such as: building an ASP.NET security protection layer (also called a web application firewall), and real-time patching of vulnerabilities in the target application, the .NET Framework, or the CLR.