Defensive Programming

This training will take you step by step through the process of developing defensive design practices, which can substitute common defensive coding, for the better of software design and implementation.

15+ Years Experience
Learn from industry leaders
Tailor-made Learning Journeys
Become the expert you want to be!
Hands-On Approach
Immediately start applying your craft
Rated 8,3
Highly reviewed by your peers

Upcoming courses

role-general-role
  • DevSecOps Engineer
Non-certified
Beginner
  • English
2 days
09:00 - 17:00
Lunch incl.

Short summary

Do you recognize having to defend from nulls, zeros, surprising cases hitting switch instruction, impossible else branches, and so on? And is your life a constant struggle with issues caused by unexpected data or invalid system state? During this training, Defensive Programming, you will learn how to defend by means of design, so that almost all explicit defensive code can be removed. First of all, you’ll discover how to build validation. second, you’ll explore how exactly to design a public interface. And finally, you’ll cover how to unify error flows, so nothing unpredictable can take you by surprise.

Our Trainer

siyam-500x

Mohammed Siyam
DevSecOps consultant

Mohammed Siyam is a Security Architect at DevOn. He works with various distributed Agile and Scrum teams in helping them deliver secure software sustainably at speed and scale. Siyam is passionate about Software Security, Cloud Security and enjoys sharing his knowledge through various trainings.

Course objectives

The learning objectives for Defensive programming include an understanding of:

  • Intermediate level of knowledge to protect applications and fix security flaws
  • In-depth understanding of all the defensive programming techniques and principles
  • Brief overview of testing applications for vulnerabilities
  • Ability to identify internet resources to enable fast learning
  • Practical, hands on, and real world workshop enables learning by actually coding
  • Being able to recognize patterns and common vulnerabilities

Course topics

  • The Forrest Rabbit Analogy
  • Disclaimer and Responsible activities
  • The defensive programming principles
  • The OWASP foundation and projects
  • Understanding the common application security risks
  • A quick overview of Injection Attacks
  • Protecting queries against database
  • Input Validation Whitelisting
  • Blacklisting
  • Regex based
  • Typecasting based
  • Encoding and Decoding Url Encoding Base64 Encoding
  • Output Encoding and types
  • Cryptography
  • Encryption and Decryption
  • Hashing
  • Secure Failovers and Logging
  • Protecting Data during transit and storage; HTTPS; File Storage
  • HTTP Header based security and recent advancements
  • Securing the configurations
  • Types of Authentication
  • Secure Account Management Password storage
  • Protecting user identities so Secure Reset functionalities so Securely logging
  • Prevention against automated attacks
  • CAPTCHA
  • OTP
  • Randomized tokens
  • Cookie security Session Management Time Outs
  • A quick look at the defensive programming cheatsheet

Target audience

Developers, Programmers, Architects with experience in any scripting/programming languages.

Top reviews of our trainings

  • Its a combo of high over and technical

    Jasper Bos Masterclass Dave Farley
  • The trainer is very knowledgeable, enthusiastic and can explain everything

    Joyce Blaas-Franken / Agile Coach at Prowareness DevOps Foundation
  • Very strong in content, and enthusiastic

    Lars Gerards Kubernetes & Continuous Delivery
  • Applicability, speed, material knowledge

    D Stompé / Scrum Master at KPN DevOps Foundation
  • Good enthusiastic storyteller

    Ruud Deul / Teammanager domein Zorg at WiGo4it Masterclass Leading a DevOps Transformation
  • Enthusiastic and flexible

    Henri Dijk / Agile Coach at Centric DevOps Foundation

Training dates

Payment methods

Need help?

Please contact us via email or call us by the number stated below. We are more than happy to help you.

+31 (0)15 - 241 19 00
academy@devon.nl

What’s next for me?

Take a look at what trainings you should follow next to become a true expert in your field.

Certified DevOps Professional

2-days training
Intermediate
(CDP)® Certified DevOps Professional
Intermediate
(SREF)℠ Site Reliability Engineer certificate
Beginner
(DOFD)® DevOps Foundation certificate

FAQ

What if I book a date, but then have to reschedule?

After your registration has been confirmed, you are still able to change the date up to 20 days before the first day of the training. You are able to do this once. Please send your request to academy@devon.nl or call +31(0)15-24 11 900 for further assistance.

What if not enough people have signed up for the course?

Two weeks before each training, we will check if we have enough participants for the training course to be valuable and continue. If this is not the case, we will inform you by e-mail, with options for a new date and location. After this notification, you will have the right to cancel or change your registration within 5 working days.

How can I pay?

On the website you can choose to pay via iDeal, creditcard or by invoice with a payment period of 30 days.

Which languages do you offer your courses in?

Most of our courses are available in both English and Dutch. We have a selection of training courses which are only available in English, which will be on that training page. Our rule of thumb for courses in the Netherlands is – the course is in English unless everybody speaks Dutch, then the course is in Dutch. If you want to be sure you are in a Dutch course, please get in touch with academy@devon.nl in case the information on a specific date is not available on the course page.

What do the costs include?

Unless mentioned otherwise, the course fee includes the cost of training material, exam cost, the use of the location, catering and parking.

Only one or two locations are visible. How is that possible?

When you click on the orange arrow, the menu will unfold further. More locations and dates might appear.

Is VAT included in the prices shown?

The costs that apply to our programs initiated from the Netherlands are exempt from sales tax as per Article 11-1-o of the 1968 Sales Tax Act. In other locations/countries, the prices shown are excluding VAT, which will be added.

Can I still register for the training?

Is the ‘register’ headline visible? This means you can register and attend the training. Does the headline say ‘full’? Give us a call and we’ll try and help you out!

What language is the course material in?

All course material for the open registrations is in English.

When will I receive my exam code?

If you are doing the PSD (Scrum.org) or one of the certified DevOps Institute trainings, you will receive your exam code on the final day of the training.

What is your payment term?

We have a payment term of up to 30 days

Not sure if this course is for you?