Secure Coding for Java Training

InfoSec Institute’s Award Winning Secure Coding in Java & JEE Course provides the most comprehensive approach to developing Secure Java Applications. This course is designed for developers and designers of Java Applications that require effective, real world secure programming skills they can implement immediately at the workplace.

Analysts Recommended

IDC lists InfoSec Institute as Major Player in their Security Training Vendor Assessment.

Award Winning Training

For 17 years InfoSec has been one of the most awarded and trusted IT training vendors - 42 industry awards!

Secure Coding Course Overview

InfoSec Institute brings you our Secure Coding in Java & JEE Course. This comprehensive 3-day course is designed to educate professional programmers on the skills necessary to develop and deploy secure applications as a fundamental element of the entire application development process.

  • The objective of our Secure Coding in Java & JEE course is to encourage you to take security seriously by demonstrating concrete, hands-on examples of vulnerable code.
  • You will learn which poor programming practices lead to vulnerable code, how to code securely, and maintain secure development practices throughout the SDLC.
  • You will sharpen skills and gain experience in applying secure design and implementation principles through demonstrations of building, testing and securing real-world applications.
  • You will be given the opportunity to participate in securing and testing applications through a progression of “challenge scenarios” alternating assignments as “attackers” and “defenders” of applications.

Course Objectives:

Completing our Secure Coding in Java course will provide you with valuable knowledge and skills, including the ability to:

  • Understand common web application exposures and attacks (including those in the OWASP Top Ten)
  • Learn how to securely use the JEE APIs
  • Gain valuable security code review skills
  • Learn static analysis techniques that can help you quickly find flaws in your code
  • Understand input validation defenses that can be used to defend against common application vulnerabilities
  • Learn techniques to identify possible application threats early in the Software Development Lifecycle

Benefits & Goals:

Our 3-day intense course provides attendees with a look at how poor security practices leave applications open to attack, and then walks you through the necessary tools, techniques and Best Practices in order to ensure you know how to write code in a secure manner.

Only InfoSec Institute’s Secure Coding for Java course offers you the following benefits:

  • Three (3) days of InfoSec Institute training with a real Java Security expert. Our experts have extensive JEE development experience as well as years of experience performing security code reviews for hundreds of different Java applications.
  • Improvement in skills required to build and maintain secure applications
  • Lunch and snacks provided on each day of class
  • Provide compliance for the OWASP Top 10 training component in the PCI DSS Standard

Who Should Attend:

  • Java Application Developers
  • Managers, Architects and Technologists involved in deploying Java Applications

PREREQUISITES:

Prior to enrolling in InfoSec Institute’s Secure Java Application Developer Boot Camp, students should have roughly 12-24 months of experience developing Java apps. Attendees should have an understanding of web applications, web programming concepts, and experience building web applications using the Java Framework. A basic understanding of IT security principles is recommended but not required.

The InfoSec Institute Experience

    During the Three Day program, our instructors give you 110% of their time and dedication to ensure that your time is well spent. You will receive an all-inclusive immersion experience by receiving your hotel stay and most meals during your training experience; therefore you eat, sleep and train at the learning facility with no distractions!

    Some of the topics you will learn to master during the Secure Coding in Java:

    • Input Validation & Encoding
    • Input Driven Attacks
    • Canonicalization Problems
    • Output Encoding
    • J2EE Filters
    • Validation & Encoding with Frameworks (Struts, Spring, etc)
    • Authentication, Authorization & Session Management
    • Parameter Manipulation
    • Java Authentication and Authorization Service (JAAS)
    • Servlet and EJB Container-Based Security
    • Servlet and EJB Component/Tier-Level Security
    • Password Security
    • Protecting User Sessions & Tokens
    • Common Cryptography Pitfalls
    • Using Java Cryptography Architecture (JCA/JCE) and 3rd Party APIs (Jasypt, Java DPAPI, etc)
    • Securing Communications with Java Secure Socket Extension (JSSE)
    • FindBugs
    • Integrating code review into the SDLC
    • Error Handling & Logging
    • Web Application Environment and Components
    • Attacking via Error Messages
    • Secure Logging & Error Handling
    • Platform Security
    • Securing Applications with Java 2 Platform Security
    • Web Services & Java RMI
    • Overview of Key Web Services Technologies (WSDL, SOAP, AJAX, etc)
    • Web Service Attacks and Securing
    • RMI Attacks and Securing
    • Application Threat Modeling
    • Application Decomposition
    • Identifying Attacks, Vulnerabilities & Countermeasures
    • Threat Modeling Tools
    • Using static analysis to find security issues such as: Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), SQL Injection, HTTP Response Splitting, Parameter Manipulation, Authentication & Authorization, Session Management, Error handling
    • Manual code review
    • Using static analysis tools

      What Our Students Are Saying

      The instructor is very knowledgeable and knows what he has to teach. He has provided some live examples as well.
      Kalyanaraman Chadalawada BJ's Wholesale Club

      Career Tracks

      • IT Audit Track

        The IT Audit track goes through all aspects of IT Auditing. Our goal with this set of courses is to create the most complete Security Auditor an organization could wish for.