Java Security Master Course

As a developer, your duty is to write bulletproof code. However…

What if we told you that despite all of your efforts, the code you have been writing your entire career is full of weaknesses you never knew existed? What if, as you are reading this, hackers were trying to break into your code? How likely would they be to succeed?

This advanced course will change the way you look at code. It is a hands-on training during which we will teach you all of the attackers’ tricks and how to mitigate them, leaving you with no other feeling than the desire to know more.

It is your choice to be ahead of the pack and be seen as a game changer in the fight against cybercrime.

Audience

§ Java and JEE Developers

§ Software Architects

§ Testers

Course Objectives

Participants attending this course will:

§ Understand basic concepts of security, IT security and secure coding

§ Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them

§ Learn about Hibernate security

§ Learn client-side vulnerabilities and secure coding practices

§ Learn to use various security features of the Java development environment

§ Have a practical understanding of cryptography

§ Learn about typical coding mistakes and vulnerabilities of various technologies

§ Understand security concepts of Web services

§ Learn about XML security

§ Learn about JSON security

§ Learn about Vaadin security

§ Learn about JSF and PrimeFaces security

§ Learn about typical coding mistakes and how to avoid them

§ Get information about some recent vulnerabilities in the Java framework

§ Learn about denial of service attacks and protections

§ Understand security solutions of Java EE

§ Learn about Spring security

§ Get practical knowledge in using security testing techniques and tools

§ Learn how to handle vulnerabilities in the platforms, frameworks and libraries you use

§ Get sources and further readings on secure coding practices

Prerequisites

Advanced Java and Web application development

Outline

§ IT security and secure coding

§ Web application security

§ Hibernate security

§ Client-side security

§ Foundations of Java security

§ Practical cryptography

§ Java security services

§ Input validation

§ Security of Web services

§ XML security

§ JSON security

§ Vaadin security

§ JSF and PrimeFaces security

§ Improper use of security features

§ Denial of service

§ Java EE security

§ Spring security

§ Improper error and exception handling

§ Time and state problems

§ Code quality problems

§ Security testing techniques

§ Deployment environment

§ Principles of security and secure coding

§ Knowledge sources