SANS Software Security brings the most trusted name in computer security training to developers, architects, testers, managers and security professionals and provides:

  • Training on web application security, secure coding, software security testing, application penetration testing & ethical hacking, and PCI compliance
  • Language specific secure software development training for Java/JEE, .NET, C, PHP and others
  • Developer and web application security certification through our GIAC affiliate
  • Free resources to stay up-to-date with the most recent attack vectors and application security vulnerabilities

Looking to purchase SANS software security training?

 

Mission Statement

SANS Software Security seeks to ingrain security into the minds of every developer in the world by providing world-class educational resources to design, develop, procure, deploy, and manage secure software.

Resources

We offer developers, architects, testers, managers, and security professionals an opportunity to learn, discuss, and share current developments in the field. We provide information on application security research, training, certification, and events.

Secure Programming Tips

Course Overview

The majority of security vulnerabilities are found in the application layer. Our courses teach you how to develop defensible applications that are resistant to attack.

Course Brochure

Certification

Our software security certifications provide assurance that an individual has practical knowledge and skills in secure coding (GSSP), web application security (GWEB), and web application penetration testing (GWAPT).

SANS 2012 - Orlando

Latest Blog Posts

Software Security starts with Software Quality
January 25, 2012 - 4:29 PM

ASP.Net Forms Authentication Bypass
January 12, 2012 - 4:34 AM

ASP.Net Insecure Redirect
January 12, 2012 - 4:34 AM

View More »

Latest Tweets

@sansappsec: Sign up now and save $500 on DEV544 Secure Codin [...]
February 06, 2012 - 2:20 PM

@sansappsec: New blog post: "Software Security starts with So [...]
January 25, 2012 - 4:52 PM

@sansappsec: Last day to save 250 on DEV522 Defending Web #Ap [...]
January 25, 2012 - 11:20 AM

View More »

Latest Papers

Securing Blackboard Learn on Linux
By David Lyon

Mass SQL Injection for Malware Distribution
By Larry Wichman

Four Attacks on OAuth - How to Secure Your OAuth Implementation
By Khash Kiani

View More »

"The course used real code with simple scenarios illustrating a full attack scenario and how to fix the vulnerabilities."
- Jeffrey Bell, Lockheed Martin

"Gives tangible ideas to put into practice to make your code and infrastructure more secure."
- Keith G. Tullius, II, Escambia County Sheriff's Office

"When I get back to the office, I will use the knowledge I gained here for code review and design."
- James Guarnotta, Kinecta Federal Credit Union