Software Security AntiPatterns .NET
Discover and demonstrate the commonly reinvented bad solutions in programming that eventually lead to insecure software, from a web application perspective.
State-of-the-art, hands-on secure coding training on the JEE and ASP.NET stacks, enriched with real-life experience. The training content covers attack vectors but focuses mainly on practical prevention techniques.
Application penetration test reports offer "best-offered" mitigation techniques, which might not really help developers find the right fix. Developers are mentored on finding optimum solutions to the reported attack vectors.
Pair programming, albeit not widely adopted, is an effective technique for producing quality software. Steering developers are mentored one on one from a security perspective, with the mentor acting as navigator during the coding process.
64% of developers consult colleagues or search engines when faced with security problems. SourceFlake includes 24x7 online/phone security problem solving and threat modeling support for critical security processes.
SourceFlake's list of auxiliary content related to secure software.
The document includes 290+ pages of examples of insecure code types and their related mitigation techniques for JEE, .NET and Android technologies.
Development is a complex process, and it is extremely hard to keep software secure as it ages. Over four decades have passed since Saltzer & Schroeder published their paper covering Protection Design Principles. In line with its importance, several semi-automatic tools have been devised to find security vulnerabilities in running or static software. Still, a vast number of websites contain critical security vulnerabilities, including hard-to-catch business logic bugs.
SourceFlake is a small shop providing boutique manual secure coding training & consulting services leveraging 15+ years of secure software development experience.