Network Security

• Basic understanding of software development principles
• Familiarity with networking fundamentals and OSI model
• Some experience with application development or system architecture

Audience

• Developers
• Software architects
• Security engineers
• IT professionals interested in secure application and network communication

Since all modern applications rely heavily on communication over networks, ensuring robust network security is essential for protecting application integrity and data confidentiality.

This instructor-led, live training (online or onsite) focuses on network security from a software security perspective. Participants will learn about common network attacks and defenses across OSI layers, with a strong emphasis on application-layer threats such as session hijacking and denial-of-service (DoS) attacks.

Participants will also gain practical insight into cryptographic principles and algorithms, understand widely used security protocols like IPSEC and SSL/TLS, and analyze notable real-world cryptographic vulnerabilities. The course provides hands-on guidance without diving into complex mathematical theory, making it suitable for developers and engineers focused on practical security implementations.

By the end of this training, participants will be able to:

• Understand key concepts in IT security and secure coding.
• Identify and mitigate network threats at different OSI layers.
• Apply cryptographic methods in real-world scenarios.
• Implement and configure security protocols securely.
• Recognize and address cryptographic vulnerabilities and exploits.
• Access resources for ongoing secure coding practices.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Introduction

• Importance of network security in software development
• Common threat landscape and attacker motivations
• Overview of layered defense strategy and secure design principles

IT Security and Secure Coding

• Overview of security objectives (CIA)
• Introduction to secure software development
• Common security misconceptions in coding

Network Security

• OSI model and network vulnerabilities
• Common attacks (DoS, spoofing, MITM, session hijacking)
• Network security defenses and best practices

Practical Cryptography

• Symmetric encryption algorithms (AES, DES)
• Asymmetric encryption (RSA, ECC)
• Hashing and integrity checks (SHA family)
• Key management and Public Key Infrastructure (PKI)

Security Protocols

• Introduction to cryptographic protocols
• IPSEC: architecture, modes, and use cases
• SSL/TLS: handshake process and secure communication
• Common protocol pitfalls and misconfigurations

Cryptographic Vulnerabilities

• Protocol-specific attacks: BEAST, CRIME, POODLE, FREAK, Logjam
• Padding oracle attacks
• Timing attacks (e.g., RSA timing)
• Practical mitigations and secure usage patterns

Knowledge Sources

• Secure coding standards (e.g., OWASP, CERT)
• Guidelines and tools for vulnerability testing
• Continuous learning and community resources

Summary and Next Steps