Hands On Training

Developing Secure Java Web Applications - Lifecycle (SDLC) (TT8325-J)

Course Features

Duration: 5 days

Delivery Method: Online

Available on: Lifetime Access

Accessibility: Desktop, Laptop

Language: English

Subtitles: English

Level: Intermediate

Teaching Type: Self Paced

Course Description

Secure Java Web Application Development Lifecycle is a hands-on, lab-intensive course that teaches Java / JEE security. It is essential for enterprise developers who want to create, maintain and support secure JEE-based Web applications. This course teaches basic programming skills and focuses on sound practices and processes that can be applied to all phases of software development.

This course will teach students how to code web applications defensively. It includes XML processing, rich interfaces and both SOAP- and RESTful web services. Students will attack and defend different assets that are associated with web services and fully functional web applications. This hands-on approach teaches you how to protect JEE web apps in the most practical terms.

Security experts agree that "penetrate-and-patch" is the least effective approach to security. It is much more efficient to "bake" security into an application throughout its entire lifecycle. Developers are now ready to start building secure web applications from the beginning of a project. After spending considerable time trying to defend web applications that were poorly designed from a security standpoint, they will be able to make improvements in the future. This course's final section builds on the earlier material about building defenses and explores how design analysis can be used to produce stronger applications from the start of the software development lifecycle.

This workshop is an integral part of our Best Defense IT Security Training Series. It can be used as a companion course to several developer-oriented courses or seminars. This course is Java-specific but can be used with .NET or other programming languages.

A Java Developer earns an average of $69,722 annually.

Course Overview

International Faculty

Post Course Interactions

Instructor-Moderated Discussions

Skills You Will Gain

Prerequisites/Requirements

Familiarity with Java and JEE is required, and real-world programming experience is highly recommended

Ideally students should have approximately 6 months to a year of Java and JEE working knowledge

What You Will Learn

Understand potential sources for untrusted data

Understand the consequences of not properly handling untrusted data, such as denial of service, cross-site scripting, and injections

To test web applications with various attack techniques to determine the existence of and effectiveness of layered defenses

Prevent and defend the many potential vulnerabilities associated with untrusted data

Understand the vulnerabilities associated with authentication and authorization

To detect, attack, and implement defenses for authentication and authorization functionality and services

Understand the dangers and mechanisms behind Cross-Site Scripting (XSS) and Injection attacks

To detect, attack, and implement defenses against XSS and Injection attacks

Understand the concepts and terminology behind defensive, secure coding

Understand the use of Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets

Perform both static code reviews and dynamic application testing to uncover vulnerabilities in Java-based web applications

Design and develop strong, robust authentication and authorization implementations within the context of JEE

Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena

To detect, attack, and implement defenses for both RESTful and SOAP-based web services and functionality

Understand techniques and measures that can be used to harden web and application servers as well as other components in your infrastructure

Understand and implement the processes and measures associated with Secure Software Development (SSD)

Acquire the skills, tools, and best practices for design and code reviews as well as testing initiatives

Understand the basics of security testing and planning

Work through a comprehensive testing plan for recognized vulnerabilities and weaknesses

Target Students

Designed for developers who wish to get up and running on developing well-defended software applications

This course may be customized to suit your team's unique objectives

Course Instructors

Brian Hernandez

Web development Instructor

Brian Hernandez has been in the development field for over a decade. Brian works extensively with Full Stack Web Development, MEAN Stack, MEMR (Mango, Express, MySQL, React) Stack and other Modern We...