Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

.NET and Angular Secure Programming

Course Summary

The .NET and Angular Secure Programming training course is an introduction to attack vectors, defensive programming, and security features of the .NET Core and Angular programming environments.

The course begins with students exploring the ways that modern, network applications may be attacked. Next, students will gain an understanding how attacks work, the foundation to defending against them. In addition students will learn best-practices and programming techniques that help defend against malicious attacks. The course concludes with a lesson on how .NET Core offers security features for authentication, role-based access, and data cryptography to protect against the unauthorized use of applications and data.

The single-page application environment of Angular is impacted by the same security issues as every web-based application, for example cross-site scripting attacks (XSS) and token hijacking. All web-based applications present additional risk of exposure when data is transported to the client for presentation. This course will identify techniques to help mitigate the risk, techniques that become extremely important when single-page applications in Angular encourage even more data to be transferred for processing on the client computer.

Learn how to develop secure code and adapt existing .NET and Angular applications to be more secure.
Developers looking to secure .NET and Angular applications.
Software Developer - Web Developer
Skill Level
Targeted Topic - Workshops
2 Days
Related Technologies
.NET | JavaScript | Web Development | Angular | Cybersecurity


Productivity Objectives
  • Identify injection attacks.
  • Code a secure Angular Application.
  • Leverage authentication and authorization for .NET applications.

What You'll Learn:

In the .NET and Angular Secure Programming training course, you'll learn:
  • Black-Hat Attack Goals
    • Data mining (theft)
    • Data manipulation
    • Denial of service
  • Injection Attacks
    • Cross-site Scripting (XSS)
    • SQL Injection
    • XML Injection
    • XPath injection
    • XML External Entity Expansion
    • Operating system command injection
    • Code injection
    • CRLF injection
    • LDAP injection
    • SMTP injection via web application
  • Additional Vulnerabilities
    • Token hijacking
    • Open redirect
    • Cross-site request forgery
    • UI Redress attacks (clickjacking)
    • Multithreaded servers and race conditions
  • NET Core Authentication and Authorization
    • Authentication mechanisms
    • Two-factor authentication
    • Role-based authorization
    • Facebook login
    • Open-auth
    • JSON Web Token (JWT)
    • CORS policies
  • Security Features
    • Data validation strategies
    • Cryptography - symmetric and asymmetric
    • Encrypting data in memory
    • Scoped data
    • Event logging
    • Code audits
  • Angular Secure Programming
    • XSS prevention model
    • Offline template compiler
    • Data sanitization
    • Back-end data exposure policies
    • Content-security policies
    • Model-view-view-model (MVVM)
“I appreciated the instructor's technique of writing live code examples rather than using fixed slide decks to present the material.”


Dive in and learn more

When transforming your workforce, it's important to have expert advice and tailored solutions. We can help. Tell us your unique needs and we'll explore ways to address them.

Let's chat

By filling out this form and clicking submit, you acknowledge our privacy policy.