Description

Telecommunication is the foundation on which critical infrastructures are built – all modern technologies heavily rely on its security. The continued adoption of IP-based telecommunication and the exposure of telecom equipment opens additional paths for attackers, with a massive increase in security incidents against telecom systems.

The security of customer premises equipment and the prevalence of Internet of Things (IoT) devices is especially critical, as these devices are directly exposed to attackers and potentially resulting in large-scale attacks against users and companies alike. IoT security is recognized by the industry as a critical area of telecommunications, as evidenced by the efforts of the GSM Alliance to produce a set of IoT security guidelines for network operators.

The threats against telecom systems run the gamut from simple-yet-effective DDoS attacks to large-scale exploitation of vulnerabilities in communication equipment. Ultimately, the best way to deal with these challenges, you need motivated secure coders with the right skills and the right attitude to fight security problems: a skilled team of software and network engineers.

This training program exclusively targets engineers developing software applications or network equipment for the healthcare sector. Our dedicated trainers share their experience and expertise through hands-on labs, and give real-life case studies from the telecom industry – engaging participants in hands-on labs to realize the harsh consequences of insecure coding.

Our dedicated trainers share their experience and expertise through hands-on labs, and give real-life case studies from the telecom industry – engaging participants in hands-on labs to realize the harsh consequences of insecure coding.

Outline

• IT security and secure coding
• Special threats in the telecom sector
• Regulations and standards
• Web application security
• Client-side security
• Practical cryptography
• Network security
• Common coding errors and vulnerabilities
• Foundations of Java security
• Secure communication in Java
• Java security services
• x86 machine code, memory layout and stack operations
• Buffer overflow
• Some additional native code-related vulnerabilities
• Denial of service
• Principles of security and secure coding
• Knowledge sources

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Understand special threats in the telecom sector
• Understand regulations and standards
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn about XML security
• Learn client-side vulnerabilities and secure coding practices
• Have a practical understanding of cryptography
• Learn about network attacks and defenses at different OSI layers
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Learn to use various security features of the Java development environment
• Understand security concepts of Web services
• Realize the severe consequences of unsecure buffer handling
• Understand the architectural protection techniques and their weaknesses
• Learn about denial of service attacks and protections
• Get sources and further readings on secure coding practices

Prerequisites

Advanced Java, Web and C/C++ development

Audience

Developers, Testers, Professionals