...
This document has been prepared to show the agenda of Secure Coding Training (SCT) that will be held at DFN (Berlin) in March 2016 by SA4T1 experts.
Registration page: https://eventr.geant.org/events/2332
Contact person: the main contact person for this issue is currently Gerard Frankowski, PSNC – gerard.frankowski@man.poznan.pl.
During week 25-29.01.2015 main contact person is Paweł Berus, PSNC - pawel.berus@man.poznan.pl
Experts
Currently we have the following experts (sorted alphabetically):
...
Producing secure code for applications is a key aspect of protecting GÉANT applications and systems. With the move towards multi-domain systems and services, there is a greater emphasis on securing these multi-domain systems as well as ensuring secure deployment of them. This year's Secure Code Training will focus on areas that affect the development and analysis of application's source code.
Emphasis on understanding threat and risk modelling will enable developers to think about security from the very earliest stage of the project lifecycle.
Apart from the main security concepts for this session, a review of the most significant bad and good programming practices covering Perl, Python and shell scripting languages will be covered.
The training will contain an extensive hands-on workshop aspect. The workshop will be divided into four blocks, covering specific coding security problems which lead to various security vulnerabilities. After covering the theoretical basics, the participants will begin to search for the vulnerabilities which were covered, and analyse the code of the modified MDS tools. At the end of the practical part, participants will have the opportunity to take part in a "HackMe" contest, where they will be able to further strengthen the knowledge that they will have obtained during the workshop.
Organizers of the training will review received preregistration application forms and choose a group of participants with a coherent level of knowledge in programming languages. All applicants will be notified in a week after the preregistration is closed.
Objectives
Attendees having completed this training should be able to:
...
After the training the lecturers will be available for questions and discussion.
Preregistration form questions
Which programming languages do you know, use and plan to use in the GEANT project?
Please use: 0 - never used, 1 - used for some little projects, 2 - quite familiar, 3 - expert.
Java: [ ]
Python: [ ]
Scripting (bash): [ ]
Other: ...........................
How do you rate your security knowledge?
0 - no experience
1 - I know what SQL injection and XSS means
.
Funding
The funding covers participants of the GEANT GN4 Project.
It is to cover reasonable costs of travel and accommodation for the
purpose of attending the course.
The process is that any participant will pay for their own travel and
accommodation then claim and be repaid these costs from their own NREN
under their own expenses policy.
The NREN in turn claims these costs in their monthly reclaim with the
Reference NA1 T7 and the course title in the description line.
The GEANT project is unable to pay individuals directly.
Accommodation
The Park Inn is offering special rates for attendees - Keyword - SecureCode 2016.
Park Inn by Radisson Berlin – Alexanderplatz
Alexanderplatz 7
10178 Berlin
Germany
The guests reserve the room by themselves directly in the hotel under the above mentioned keyword in our Individual Reservation department as follows:
- telephone number: +49 (0)30 2389 4333 or
- fax number: +49 (0)30 2389 4305 or
- Email: reservations@parkinn-berlin.com.
This hotel is less than 5 minutes walk from the DFN office.2 - I am familiar with most of the topics in the agenda