Secure Coding for Java Training Boot Camp

Learn how to develop Secure Java applications. This boot camp is designed for developers and designers of Java applications that require effective, real-world secure programming skills they can implement immediately at the workplace.

★★★★☆

4.2

(77 ratings)

Learn secure Java coding!

Three days of live, expert Secure Coding for Java training
100% Satisfaction Guarantee
Free annual Infosec Skills subscription ($299 value!)
1-year access to all boot camp video replays and materials
Hands-on cyber ranges and labs
Knowledge Transfer Guarantee

This comprehensive three-day Secure Coding for Java Boot Camp is designed to educate professional programmers on the skills necessary to develop and deploy secure applications. You will learn about potential security issues through concrete, hands-on examples of vulnerable code.

You’ll learn which poor programming practices lead to vulnerable code, how to code securely and how to maintain secure development practices throughout the SDLC. You will sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing and securing real-world applications. You will be given the opportunity to participate in securing and testing applications through a progression of “challenge scenarios” alternating assignments as “attackers” and “defenders” of applications.

What you’ll learn

You’ll learn how poor security practices leave applications open to attack and how to implement the necessary tools, techniques and best practices to write code in a secure manner. This boot camp will help develop your knowledge and skills around:

Common web application exposures and attacks (including those in the OWASP Top Ten)
Securely using the JEE APIs
Static analysis techniques that can help you quickly find flaws in your code
Input validation defenses that can be used to defend against common application vulnerabilities
Techniques to identify possible application threats early in the Software Development Lifecycle

Who should attend

Java application developers
Managers, architects and technologists involved in deploying Java applications
Anyone interested in learning more about secure Java coding

Prerequisites

Roughly 12-24 months of experience developing Java apps is recommended. You should have an understanding of web applications, web programming concepts and experience building web applications using the Java Framework. A basic understanding of IT security principles is recommended but not required.

Everything you need to learn secure Java

Three days of live, expert Secure Coding for Java training
100% Satisfaction Guarantee
Free annual Infosec Skills subscription ($299 value!)
1-year access to all boot camp video replays and materials
Hands-on cyber ranges and labs
Knowledge Transfer Guarantee

View Pricing

JAVA training schedule

Infosec’s JAVA training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared.

Before your boot camp
- Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
During your boot camp
- Some of the topics covered during the boot camp include:
  
  Input validation and encoding
  
  Input driven attacks
  
  Canonicalization problems
  
  Output encoding
  
  J2EE filters
  
  Validation and encoding with frameworks (Struts, Spring, etc)
  
  Authentication, authorization and session management
  
  Parameter manipulation
  
  Java authentication and authorization service (JAAS)
  
  Servlet and EJB container-based security
  
  Servlet and EJB component/tier-level security
  
  Password security
  
  Protecting user sessions and tokens
  
  Common cryptography pitfalls
  
  Using Java Cryptography Architecture (JCA/JCE) and third-party APIs (Jasypt, Java DPAPI, etc)
  
  Securing communications with Java Secure Socket Extension (JSSE)
  
  Error handling and logging
  
  Web application environment and components
  
  Attacking via error messages
  
  Secure logging and error handling
  
  FindBugs
  
  Integrating code review into the SDLC
  
  Securing applications with Java 2
  
  Platform security
  
  Web services and Java RMI
  
  Overview of key web services technologies (WSDL, SOAP, AJAX, etc)
  
  Web service attacks and securing
  
  RMI attacks and securing
  
  Application threat modeling
  
  Application decomposition
  
  Identifying attacks, vulnerabilities and countermeasures
  
  Threat modeling tools
  
  Using static analysis to find security issues such as cross site scripting (XSS), cross site request forgery (CSRF), SQL injection, HTTP response splitting, parameter manipulation, authentication and authorization, session management, error handling
  
  Manual code review
  
  Using static analysis tools
After your boot camp
- Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

Free JAVA training resources

Breaking into IT: From first job to advanced certs with CompTIA

Technical workers earn more than double the national average wage, according to a 2018 CompTIA IT Industry Outlook report. Learn how to get started in IT from Teresa Sears, senior director of certification products for CompTIA skills certifications, and Christine Tuttleman, a business information security officer, CompTIA SME and member of the CompTIA Technical Advisory Committee.

Listen Now

Java Code Embedding in C# [Updated 2019]

The real concept driving this article is to develop solutions using the .NET or Java Framework that interoperate with heterogeneous systems or even mutually communicate with each other.

Learn More

Debugging Java Applications Using JDB

This article walks the readers through debugging Java programs using a command-line tool called JDB

See Resources