JAVA AND WEB APPLICATION SECURITY MASTER COURSE
Introducción:
Writing web applications in Java can be rather complex – reasons range from dealing with legacy technologies or underdocumented third-party components to sharp deadlines and code maintainability. Yet, beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?
This course will change the way you look at your Java code. We'll teach you the common weaknesses and their consequences that can allow hackers to attack your system, and – more importantly – best practices you can apply to protect yourself. We cover typical Web vulnerabilities with a focus on how they affect Java web apps on the entire stack – from the Java runtime environment to modern AJAX and HTML5-based frontends. In addition, we discuss the security aspects of the Java platform itself as well as typical Java programming mistakes you need to be aware of. We present the entire course through live practical exercises to keep it engaging and fun.
Writing secure code will give you a distinct edge over your competitors. It is your choice to be ahead of the pack – take a step and be a game-changer in the fight against cybercrime.
Audiencia:
Java EE developers, software architecs and testers.
Duración:
35 horas.
Objetivos:
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn about XML security
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Learn to use various security features of the Java development environment
- Learn about typical coding mistakes and how to avoid them
- Get information about some recent vulnerabilities in the Java framework
- Understand security concepts of Web services
- Learn about JSON security
- Understand some recent attacks against cryptosystems
- Learn about Hibernate security
- Learn about Spring security
- Learn about denial of service attacks and protections
- Get practical knowledge in using security testing techniques and tools
- Get sources and further readings on secure coding practices
Temario:
- IT security and secure coding
- Web application security (OWASP Top Ten 2017)
- Client-side security
- Practical cryptography
- Java security services
- Foundations of Java security
- Secure communication in Java
- Common coding errors and vulnerabilities
- Security of Web services
- Cryptographic vulnerabilities
- Hibernate security
- Spring security
- Denial of service
- Security testing
- Principles of security and secure coding
- Knowledge sources