From Fedora Project Wiki
- Basics (100-level)
- Basic security - Sparks
- QE Training - Sparks
- buffer overflow
- XSS
- cross-site request forgery (CSRF)
- SQL injection
- input validation
- storing user provided passwords (proper hashing)
- Encryption (using libraries, cipher choices, FIPS, Suite B) -- Eric
- FIPS 140-2 - Cryptographic Modules
- FIPS 197 - AES
- FIPS 186-4 - DSS
- Thinking like an attacker
- Languages (200-level)
- C
- Python
- Ruby
- Java
- JavaScript (node.js)
- CWEs
- Top 10
- Security Response
- What is a security flaw (report suspicious packages)
- Notifying SRT
- Handling security bugs
- Handling embargoes
- Fixing security flaws
- Testing security fixes
- Handling Errata
- Other stuff? should we discuss via email?
- Identity Management (Dpal's team can provide content)
- Basic
- What is Kerberos and its values?
- Introduction to PKI
- OS level identity management component overview
- Security libraries and their value (SASL, GSSAPI, TLS...)
- Advanced (dev)
- Best practices building authentication for your application
- Best practices of integrating Kerberos into your application
- Where, when and how to use PKI in your application
- Web applications and identity management: authentication, authorization, identity mapping, SSO
- Best practices around building access control for your application
- Advanced (SA)
- Implementing identity management solutions and eSSO
- Basic