Just had my annual appraisal and found out my company is willing to pay for training and exams etc! Woohoo (they kept that one quiet). I'm interested in doing a course on secure development techniques.
Has anyone got any suggestions for good quality distance learning courses in secure development (I could probably get a couple of days off to attend a conference/ course if required)?
We're mostly an MS .Net house but I have no particular allegiance to MS or any other programming language (though, obviously, C++ is the best language in the world). I have 12 years development experience working in (what are now) PCI:DSS environments, including designing and developing a key management system and I have some knowledge of basic attacks (XSS, injection etc). I would prefer a hard course I struggle with to a basic course I learn 3 things from (but hopefully get something right at my level).
A quick google found these two course which look good:
http://www.sans.org/course/secure-coding-net-developing-defensible-applications
https://www.isc2.org/csslpedu/default.aspx
I don't really know how to choose between them, and finding other courses isn't going to make that job any easier, so I thought I'd ask those who know.
EDIT : Hmm, care to share the reason for your down vote, will help me learn how to use the site better...
