Secure Coding for Java Training Boot Camp
Learn how to develop Secure Java applications. This boot camp is designed for developers and designers of Java applications that require effective, real-world secure programming skills they can implement immediately at the workplace.
Learn secure Java coding!
- Three days of live, expert Secure Coding for Java training
- 100% Satisfaction Guarantee
- Free annual Infosec Skills subscription ($299 value!)
- 1-year access to all boot camp video replays and materials
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
This comprehensive three-day Secure Coding for Java Boot Camp is designed to educate professional programmers on the skills necessary to develop and deploy secure applications. You will learn about potential security issues through concrete, hands-on examples of vulnerable code.
You’ll learn which poor programming practices lead to vulnerable code, how to code securely and how to maintain secure development practices throughout the SDLC. You will sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing and securing real-world applications. You will be given the opportunity to participate in securing and testing applications through a progression of “challenge scenarios” alternating assignments as “attackers” and “defenders” of applications.
What you’ll learn
You’ll learn how poor security practices leave applications open to attack and how to implement the necessary tools, techniques and best practices to write code in a secure manner. This boot camp will help develop your knowledge and skills around:
- Common web application exposures and attacks (including those in the OWASP Top Ten)
- Securely using the JEE APIs
- Static analysis techniques that can help you quickly find flaws in your code
- Input validation defenses that can be used to defend against common application vulnerabilities
- Techniques to identify possible application threats early in the Software Development Lifecycle
Who should attend
- Java application developers
- Managers, architects and technologists involved in deploying Java applications
- Anyone interested in learning more about secure Java coding
Prerequisites
Roughly 12-24 months of experience developing Java apps is recommended. You should have an understanding of web applications, web programming concepts and experience building web applications using the Java Framework. A basic understanding of IT security principles is recommended but not required.
Everything you need to learn secure Java
- Three days of live, expert Secure Coding for Java training
- 100% Satisfaction Guarantee
- Free annual Infosec Skills subscription ($299 value!)
- 1-year access to all boot camp video replays and materials
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
JAVA training schedule
Infosec’s JAVA training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared.
- Before your boot camp
-
Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
-
- During your boot camp
-
Some of the topics covered during the boot camp include:
- Input validation and encoding
- Input driven attacks
- Canonicalization problems
- Output encoding
- J2EE filters
- Validation and encoding with frameworks (Struts, Spring, etc)
- Authentication, authorization and session management
- Parameter manipulation
- Java authentication and authorization service (JAAS)
- Servlet and EJB container-based security
- Servlet and EJB component/tier-level security
- Password security
- Protecting user sessions and tokens
- Common cryptography pitfalls
- Using Java Cryptography Architecture (JCA/JCE) and third-party APIs (Jasypt, Java DPAPI, etc)
- Securing communications with Java Secure Socket Extension (JSSE)
- Error handling and logging
- Web application environment and components
- Attacking via error messages
- Secure logging and error handling
- FindBugs
- Integrating code review into the SDLC
- Securing applications with Java 2
- Platform security
- Web services and Java RMI
- Overview of key web services technologies (WSDL, SOAP, AJAX, etc)
- Web service attacks and securing
- RMI attacks and securing
- Application threat modeling
- Application decomposition
- Identifying attacks, vulnerabilities and countermeasures
- Threat modeling tools
- Using static analysis to find security issues such as cross site scripting (XSS), cross site request forgery (CSRF), SQL injection, HTTP response splitting, parameter manipulation, authentication and authorization, session management, error handling
- Manual code review
- Using static analysis tools
-
- After your boot camp
-
Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.
-
Free JAVA training resources
Sign up