Cybercrime, data leaks and information security get more attention than ever in the news. Governments and companies dedicate more and more resources to these areas. However, most of that attention appears to be focused on reactive measures (How do we catch the cybercriminals?) instead of on preventive measures (How do we make our systems secure?). Although it is hard to measure, research reports indicate that building security in is worth the investment. Key in the software building process is education. If programmers do not understand the security of the software they are building, any additional investment in the process is useless.
The EXIN Secure Programming Foundation exam tests the knowledge of the candidate on the basic principles of secure programming. The subjects of this module are Authentication and Session Management; Handling User Input; Authorization; Configuration, Error Handling and Logging; Cryptography; and Secure Software Engineering.