As a developer, your duty is to write bulletproof code. However…
What if we told you that despite all of your efforts, the code you have been writing your entire career is full of weaknesses you never knew existed? What if, as you are reading this, hackers were trying to break into your code? How likely would they be to succeed?
This advanced course will change the way you look at code. A hands-on training during which we will teach you all of the attackers’ tricks and how to mitigate them, leaving you with no other feeling than the desire to know more.
It is your choice to be ahead of the pack, and be seen as a game changer in the fight against cybercrime.
Audience
§ Java and JEE Developers
§ Software Architects
§ Testers
Course Objectives
Participants attending this course will:
§ Understand basic concepts of security, IT security and secure coding
§ Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
§ Learn client-side vulnerabilities and secure coding practices
§ Learn to use various security features of the Java development environment
§ Have a practical understanding of cryptography
§ Understand security concepts of Web services
§ Learn about XML security
§ Learn about JSON security
§ Understand security solutions of Java EE
§ Learn about Spring security
§ Learn about denial of service attacks and protections
§ Learn about typical coding mistakes and how to avoid them
§ Get information about some recent vulnerabilities in the Java framework
§ Get practical knowledge in using security testing techniques and tools
§ Get sources and further readings on secure coding practices
Prerequisites
Advanced Java and Web application development
Outline
§ IT security and secure coding
§ Web application security
§ Client-side security
§ Foundations of Java security
§ Practical cryptography
§ Java security services
§ Security of Web services
§ XML security
§ JSON security
§ Java EE security
§ Spring security
§ Denial of service
§ Common coding errors and vulnerabilities
§ Security testing techniques
§ Principles of security and secure coding
§ Knowledge sources