Advanced Java, JEE, and Web Application Security
-
COURSE DATES AND LOCATIONS
DATE
Duration
LOCATION
FEES
Book Now
-
INTRODUCTION
n addition to the solid knowledge of the use of Java components, even for experienced Java programmers, it is necessary to have a deep knowledge of Web-related vulnerabilities on both the server and the client, various vulnerabilities related to Web applications written in Java, and the consequences of various risks.
Common web-based vulnerabilities are demonstrated by presenting the relevant attacks, while recommended coding techniques and mitigation methods are explained in the context of Java with the overriding goal of avoiding associated problems. In addition, special focus is placed on client-side security that addresses JavaScript, Ajax, and HTML5 security issues.
The course introduces the security components of the standard Java edition, which are preceded by the foundations of cryptography, and provide a common basis for understanding the purpose and operation of applicable components. Security issues for Java Enterprise Edition are introduced through various exercises that explain declarative and programmatic security techniques in JEE.
Finally, the course explains the most common and critical programming flaws in the Java language and platform. Besides the typical mistakes made by Java programmers, the vulnerabilities presented cover both language-specific issues and issues arising from the runtime environment. All relevant vulnerabilities and attacks are demonstrated through easy-to-understand exercises, followed by recommended coding guidelines and possible mitigation techniques.
-
COURSE OBJECTIVES
By the end of the course, you‘ll be able to:
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Learn to use various security features of the Java development environment
- Have a practical understanding of cryptography
- Understand security concepts of Web services
- Understand security solutions of Java EE
- Learn about typical coding mistakes and how to avoid them
- Get information about some recent vulnerabilities in the Java framework
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices
-
COURSE AUDIENCE
This course is made for :
- Java and JEE developers
- software architect
-
COURSE OUTLINE
Day One
- IT security and secure coding
- Web application security
- Client-side security
- Client-side security
Day Two
- Foundations of Java security
- Practical cryptography
Day Three
- Java security services
- Security of Web services
Day Four
- XML security
- JSON security
- Java EE security
Day Five
- Common coding errors and vulnerabilities
- Principles of security and secure coding
- Knowledge sources