Java and Web application security

3 Day Course
Hands On
Code QASCAJWA

Book Now - 3 Delivery Methods Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online

Overview

Writing web applications in Java can be rather complex – reasons range from dealing with legacy technologies or underdocumented third-party components to sharp deadlines and code maintainability. Yet, beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?

This course will change the way you look at your Java code. We'll teach you the common weaknesses and their consequences that can allow hackers to attack your system, and – more importantly – best practices you can apply to protect yourself. We cover typical Web vulnerabilities with a focus on how they affect Java web apps on the entire stack – from the Java runtime environment to modern AJAX and HTML5-based frontends. In addition, we discuss the security aspects of the Java platform itself as well as typical Java programming mistakes you need to be aware of. We present the entire course through live practical exercises to keep it engaging and fun.

Writing secure code will give you a distinct edge over your competitors. It is your choice to be ahead of the pack – take a step and be a game-changer in the fight against cybercrime.

Topics include:

  • IT security and secure coding
  • Web application security
  • Client-side security
  • Foundations of Java security
  • Practical cryptography
  • Java security services
  • Common coding errors and vulnerabilities
  • Principles of security and secure coding
  • Knowledge sources

Objectives

  • Understand basic concepts of security, IT security and secure coding
  • Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
  • Learn about XML security
  • Learn how to set up and operate the deployment environment securely
  • Learn client-side vulnerabilities and secure coding practices
  • Learn to use various security features of the Java development environment
  • Have a practical understanding of cryptography
  • Learn about typical coding mistakes and how to avoid them
  • Get information about some recent vulnerabilities in the Java framework
  • Get sources and further readings on secure coding practices

Note: This course comes with a number of easy-to-understand exercises providing real-time ethical hacking fun. By accomplishing these exercises with the support of the trainer, participants can analyze vulnerable code snippets and commit attacks against them in order to fully understand the root causes of certain security problems. All exercises are prepared in a plug-and-play manner by using a pre-set desktop virtual machine, which provides a uniform development environment.

Target Audience

The intended audience for this course is primarily Project Managers, Business Analysts, Junior Developers and Designers. Plus anyone with an interest in building and maintaining secure systems lifecycle.

Additional Information

Note: This course is not designed for the experienced software developer and does not cover hands-on coding.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Day One (2 topics)

  • IT security and secure coding
  • Web application security

Day Two (4 topics)

  • Client-side security
  • Foundations of Java security
  • Practical cryptography
  • Java security services

Day Three (3 topics)

  • Common coding errors and vulnerabilities
  • Principles of security and secure coding
  • Knowledge sources

Prerequisites

There are no specific pre-requisites for this course. However a general understanding of development practices and a broad understanding of current threats would be desired. There are group exercises, and instructor led ‘hands-on’ labs within each module of this course. Delegates can observe the instructor demonstrations or engage fully with each hands-on lab, subject to experience.

Scheduled Dates

Please select from the dates below to make an enquiry or booking.

Pricing

Different pricing structures are available including special offers. These include early bird, late availability, multi-place, corporate volume and self-funding rates. Please arrange a discussion with a training advisor to discover your most cost effective option.

Code Location Duration Price May Jun Jul Aug Sep Oct
QASCAJWA
Virtual Classroom (Virtual On-Line)
3 Days $4,385

Course PDF

Print

Share this Course

Share

Recommend this Course

Sections