man holding note saying secure code

SCT20 Secure Code Training

Secure Code Training provides knowledge to software developers and security specialists that allows for the provisioning of self-defending applications, that are protected against cyberthreats to the maximum possible extent. This year’s SCT20 has two separate training sessions which will be delivered in a virtual class environment in 2 each half day sessions by professional internal and external trainers. (I) Secure Programming in JavaScript and (II) Secure code Training. Although both sessions fall under the programme of SCT20 they require separate registrations.

Secure Code Training

Online workshop – 3 half days
Training provider: WP9-T2 Software Governance and Support
Participants: max 10 pp
Formula of the training: 70% theory – 30% practice
Topics:

  • Threat modeling
  • Continuous Integration and Secure Software Development Life Cycle
  • HTTP Security Headers
  • Modern secure authentication and authorization mechanisms
  • The most popular attacks against Web applications
  • API Security
  • HackMe contest with prizes

Training Platform

The training will be provided via a webinar platform like ZOOM or Microsoft teams. Participants log in to the training room via a browser with a dedicated link provided after registration.

Interaction options between the instructor and participants include:

  • Trainers are the only one speaking and sharing the screen, participants listen actively
  • Discussion ( all participants speak)
  • Screen sharing by participants
  • Chat

Trainers

Trainers: GÉANT Project, Secure Code Team:
Gerard Frankowski
Marcin Wolski
Maciej Łabędzki
Maciej Miłostan
Mikołaj Dobski
Paweł Berus

Organiser: GÉANT project, GN4.3-WP9T2, supported by GLAD

How to prepare for the training

Participants should have a practical knowledge of programming languages (for the workshop part Java will be covered, working with the source code may include some C or PHP examples – but the majority of presented issues are cross-language).  
SCT is a BYOL (Bring Your Own Laptop) workshop
You have to be able to run HyperV or Virtual Box virtual machine (prepared by the organisers) on your laptop
At least basic but practical knowledge of Java is required. Fluent English expected.

For more details on SCT20 and online participation visit the Secure Code Training wiki pages