Course Code: cl-jwe
Duration: 28 hours
Prerequisites:

Audience

  • Developers
Overview:

Beyond solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks.

General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5.

The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. Security issues of Java Enterprise Edition are presented through various exercises explaining both declarative and programmatic security techniques in JEE.

Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

  • Understand basic concepts of security, IT security and secure coding
  • Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
  • Learn client-side vulnerabilities and secure coding practices
  • Learn to use various security features of the Java development environment
  • Have a practical understanding of cryptography
  • Understand security concepts of Web services
  • Understand security solutions of Java EE
  • Learn about typical coding mistakes and how to avoid them
  • Get information about some recent vulnerabilities in the Java framework
  • Get practical knowledge in using security testing tools
  • Get sources and further readings on secure coding practices
Course Outline:
  • IT security and secure coding
  • Web application security
  • Client-side security
  • Client-side security
  • Foundations of Java security
  • Practical cryptography
  • Java security services
  • Security of Web services
  • XML security
  • JSON security
  • Java EE security
  • Common coding errors and vulnerabilities
  • Principles of security and secure coding
  • Knowledge sources
Sites Published:

United Arab Emirates - Advanced Java, JEE and Web Application Security

Qatar - Advanced Java, JEE and Web Application Security

Egypt - Advanced Java, JEE and Web Application Security

Saudi Arabia - Advanced Java, JEE and Web Application Security

South Africa - Advanced Java, JEE and Web Application Security

Brasil - Advanced Java, JEE and Web Application Security

Canada - Advanced Java, JEE and Web Application Security

中国 - Advanced Java, JEE and Web Application Security

香港 - Advanced Java, JEE and Web Application Security

澳門 - Advanced Java, JEE and Web Application Security

台灣 - Advanced Java, JEE and Web Application Security

USA - Advanced Java, JEE and Web Application Security

Österreich - Advanced Java, JEE and Web Application Security

Schweiz - Advanced Java, JEE and Web Application Security

Deutschland - Advanced Java, JEE and Web Application Security

Czech Republic - Advanced Java, JEE and Web Application Security

Denmark - Advanced Java, JEE and Web Application Security

Estonia - Advanced Java, JEE and Web Application Security

Finland - Advanced Java, JEE and Web Application Security

Greece - Advanced Java, JEE and Web Application Security

Magyarország - Advanced Java, JEE and Web Application Security

Ireland - Advanced Java, JEE and Web Application Security

Luxembourg - Advanced Java, JEE and Web Application Security

Latvia - Advanced Java, JEE and Web Application Security

España - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Italia - Advanced Java, JEE and Web Application Security

Lithuania - Advanced Java, JEE and Web Application Security

Nederland - Advanced Java, JEE and Web Application Security

Norway - Advanced Java, JEE and Web Application Security

Portugal - Advanced Java, JEE and Web Application Security

România - Advanced Java, JEE and Web Application Security

Sverige - Advanced Java, JEE and Web Application Security

Türkiye - Advanced Java, JEE and Web Application Security

Malta - Advanced Java, JEE and Web Application Security

Belgique - Advanced Java, JEE and Web Application Security

France - Advanced Java, JEE and Web Application Security

日本 - Advanced Java, JEE and Web Application Security

Australia - Advanced Java, JEE and Web Application Security

Malaysia - Advanced Java, JEE and Web Application Security

New Zealand - Advanced Java, JEE and Web Application Security

Philippines - Advanced Java, JEE and Web Application Security

Singapore - Advanced Java, JEE and Web Application Security

Thailand - Advanced Java, JEE and Web Application Security

Vietnam - Advanced Java, JEE and Web Application Security

India - Advanced Java, JEE and Web Application Security

Argentina - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Chile - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Costa Rica - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Ecuador - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Guatemala - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Colombia - Avanzado Java, JEE y Seguridad de Aplicaciones Web

México - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Panama - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Peru - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Uruguay - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Venezuela - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Polska - Advanced Java, JEE and Web Application Security

United Kingdom - Advanced Java, JEE and Web Application Security

South Korea - Advanced Java, JEE and Web Application Security

Pakistan - Advanced Java, JEE and Web Application Security

Sri Lanka - Advanced Java, JEE and Web Application Security

Bulgaria - Advanced Java, JEE and Web Application Security

Bolivia - Avanzado Java, JEE y Seguridad de Aplicaciones Web

Indonesia - Advanced Java, JEE and Web Application Security

Kazakhstan - Advanced Java, JEE and Web Application Security

Moldova - Advanced Java, JEE and Web Application Security

Morocco - Advanced Java, JEE and Web Application Security

Tunisia - Advanced Java, JEE and Web Application Security

Kuwait - Advanced Java, JEE and Web Application Security

Oman - Advanced Java, JEE and Web Application Security

Slovakia - Advanced Java, JEE and Web Application Security

Kenya - Advanced Java, JEE and Web Application Security

Nigeria - Advanced Java, JEE and Web Application Security

Botswana - Advanced Java, JEE and Web Application Security

Slovenia - Advanced Java, JEE and Web Application Security

Croatia - Advanced Java, JEE and Web Application Security

Serbia - Advanced Java, JEE and Web Application Security

Bhutan - Advanced Java, JEE and Web Application Security

Nepal - Advanced Java, JEE and Web Application Security

Uzbekistan - Advanced Java, JEE and Web Application Security