2179 Courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Operational Technology (OT) Engineers IT engineers Generalists, including managers, project leads, and solutions and business architects Overview Define what IIoT is and identify IIoT architectures. Identify IIoT market verticals, and their motivations and requirements. Explore Cisco IIoT networking devices, how they are different from other devices, and use common administrative tools for managing them. Explore industrial communications protocols for control and automation, and how they have been adapted to run on top of a TCP/IP network infrastructure. Describe wireless protocols used in IIoT environments, including architectures and devices used. Understand the TCP/IP protocol stack and how it is used with other protocols in IIoT environments. Discuss network protocols for clock synchronization between network devices, and describe available tools for IIoT network administration. Discuss wireless technologies used in a core LAN, and their relevance to IIoT implementations. Explore field WAN technologies and how they are used in IIoT environments. Explore legacy protocols and explain the methods available to transport non-routable protocols over modern networks. Explain fundamental concepts of Quality of Service (QoS) related to IIoT network environments. Discuss Multiprotocol Label Switching (MPLS) operation, components, terminology, and features, and explore its use in IIoT environments. Explore Layer 2 and Layer 3 VPN technologies and describe the way they can be used on IIoT deployments. Describe Dense Wave Division Multiplexing (DWDM) technology and its use in IIoT environments. Explore Layer 1 and Layer 2 high availability technologies and redundancy mechanisms. Describe Layer 3 high availability and the need for Layer 3 redundancy in IIoT deployments The Understanding Cisco Industrial IoT Networking Foundation (INFND) v1.0 course gives you an overview of the protocols, applications, and network infrastructure you need to support and manage Industrial Internet of Things (IIoT) solutions. You will learn about IIoT industry verticals and how different protocols are used within them. The course also covers configuring and verifying the protocols on Cisco© IIoT networking devices. Course Introduction.Defining Industrial Internet of ThingsExamining Common IIoT Verticals.Examining Cisco IIoT Networking Devices.Examining and Configuring Industrial Communication Protocols.Describing Wireless IIoT Protocols.Explaining and Configuring TCP/IP Protocols, Addressing, and Segmentation.Examining Network Services and Administration.Examining and Configuring Wireless Core LAN Technologies.Describing Field WAN Technologies.Examining and Configuring Transportation of Legacy Protocols.Describing, Configuring, and Verifying Quality of Service (QoS) for IIoT Protocols.Examining and Verifying MPLS and IIoT.Configuring and Explaining VPN Technology and IIoT.Describing DWDM.Configuring and Defining Layer 1 and Layer 2 High Availability Technologies.Defining and Configuring Layer 3 High Availability TechnologiesLab outline Connect to the Cisco IIoT Devices. Use Industrial Protocols with Cisco Industrial Ethernet Switches. Configure an 802.11 Client. Configure an IPv6 Address. Configure Layer 2 Network Address Translation (NAT) and IP Addressing in an Example IoT Deployment.

Duration 5 Days 30 CPD hours This course is intended for The primary audience for this course are Application Consultants, Business Process Architects, Business Process Owners/Team Leads/Power Users, Program/Project Managers, and Users. In this course, students become familiar with options for optimizing and simplifying purchasing processes and their prerequisites. Students will also learn about additional, special functions and customizing settings. Purchasing Master Data Creating Material Master Records for Purchasing Creating Vendor Master Records for Purchasing Using Partner Functions in Purchasing Sources of Supply and Conditions Analyzing Price Determination Basics Creating Purchasing Info Records Creating Special Info Records Using Special Functions in Info Records Creating Central Contracts Creating Contracts for Material Groups Creating Scheduling Agreements Without Release Documentation Creating Scheduling Agreements with Release Documentation Source Determination Controlling Source Determination with Source Lists Maintaining Source Lists Controlling Source Determination with Quota Arrangements Executing the Planning Run with Quota Arrangements Identifying Additional Aspects of Source Determination Blocking Sources of Supply Creating Purchase Orders with Source Determination Optimized Purchasing Processing Unassigned Purchase Requisitions Processing Assigned Purchase Requisitions Monitoring Purchase Orders Assessing the Buyer Role Document Release Procedure Releasing Purchasing Documents Converting Released Purchase Requisitions Configuring Release Procedures in Customizing Creating Release Procedures Specific Procurement Processes Creating Invoices Using Invoice Plans Creating Blanket Purchase Orders Deploying Subcontracting Purchasing with Manufacturer Part Numbers Deploying Additional Special Procurement Processes Vendor Evaluation Evaluating Vendors Setting Up Vendor Evaluation Purchasing Document Types Customizing Document Types in Purchasing Setting Up Field Selection in Purchasing Documents Deploying Version Management in Purchasing Analyzing Special Aspects in Customizing Defining Function Authorizations for Buyers Integrated Procurement Scenarios Purchasing with SRM and Catalogs Integrating SAP Components Additional course details: Nexus Humans SCM520 SAP Purchasing training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SCM520 SAP Purchasing course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This is highly recommended for everyone in a company who works in a Scrum Team or anyone who interacts with any Scrum Team. This will also be very useful for those who are interested in understanding the basics of Scrum and how this method could be used effectively. Overview To ensure that students understand the basics of Scrum To enable Scrum Team members to effectively contribute to a Scrum project. To enable Scrum Team members to apply Scrum effectively in Scrum/Agile projects. In this course, students learn to understand the basics of Scrum, effectively contribute to a Scrum project, and learn how to enable Scrum Team members to apply Scrum effectively in Scrum/Agile projects.Successful candidates will be awarded the Scrum Developer Certified (SDC?) certification by SCRUMstudy after passing the included certification exam. Introduction Agile Overview Scrum Overview Principles The Six Scrum Principles Organization Core Roles and Non-core Roles Business Justification Value-driven Delivery Factors used to Determine Business Justification Confirm Benefits Realization Quality Quality Defined Quality, Scope and Business Value Quality Management in Scrum Change Unapproved and Approved Changes Change in Scrum Risk Risks and Issues Risk Management Procedure Introduction to Scrum Project PhasesInitiate Create Project Vision Process Identify Scrum Master and Stakeholders Process Form Scrum Team and Develop Epics processes Create Prioritized Product Backlog and Conduct Release Planning Processes Plan and Estimate Create User Stories Process Estimate User Stories and Commit User Stories Processes Identify Tasks and Estimate Tasks Processes Create Sprint Backlog Process Implement Create Deliverables and Conduct Daily Stand-up processes Groom Prioritized Product Backlog Process Review and Retrospect Demonstrate and Validate Sprint Process Retrospect Sprint Process Additional course details: Nexus Humans Scrum Developer Certified (SDC) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Scrum Developer Certified (SDC) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is intended for IT Professionals who are already experienced in general Windows Server and Windows Client administration, and who want to learn more about using Windows PowerShell for administration. No prior experience with any version of Windows PowerShell, or any scripting language, is assumed. This course is also suitable for IT Professionals already experienced in server administration, including Exchange Server, SharePoint Server, SQL Server, System Center, and others. Overview After completing this course, students will be able to:Describe the functionality of Windows PowerShell and use it to run and find basic commands.Identify and run cmdlets for server administration.Work with Windows PowerShell pipeline.Describe the techniques Windows PowerShell pipeline uses.Use PSProviders and PSDrives to work with other forms of storage.Query system information by using WMI and CIM.Work with variables, arrays, and hash tables.Write basic scripts in Windows PowerShell.Write advanced scripts in Windows PowerShell.Administer remote computers.Use background jobs and scheduled jobs.Use advanced Windows PowerShell techniques. This course provides students with the fundamental knowledge and skills to use Windows PowerShell for administering and automating administration of Windows based servers. Getting Started with Windows PowerShell Overview and Background Understanding command syntax Finding commands Lab : Configuring Windows PowerShell Lab : Finding and Running Basic Commands Cmdlets for administration Active Directory administration cmdlets Network configuration cmdlets Other server administration cmdlets Lab : Windows Administration Working with the Windows PowerShell pipeline Understanding the Pipeline Selecting, Sorting, and Measuring Objects Filtering Objects Out of the Pipeline Enumerating Objects in the Pipeline Sending pipeline data as output Lab : Using the Pipeline Lab : Filtering Objects Lab : Enumerating Objects Lab : Sending output to a file Understanding How the Pipeline Works Passing the pipeline data Advanced considerations for pipeline data Lab : Working with Pipeline Parameter Binding Using PSProviders and PSDrives Using PSProviders Using PSDrives Lab : Using PSProviders and PSDrives Querying Management Information by Using WMI and CIM Understanding WMI and CIM Querying Data with WMI and CIM Making changes with WMI/CIM Lab : Working with WMI and CIM Working with variables, arrays, and hash tables Using variables Manipulating variables Manipulating arrays and hash tables Lab : Working with variables Basic scripting Introduction to scripting Scripting constructs Importing data from files Lab : Basic scripting Advanced scripting Accepting user input Overview of script documentation Troubleshooting and error handling Functions and modules Lab : Accepting data from users Lab : Implementing functions and modules Administering Remote Computers Using basic Windows PowerShell remoting Using advanced Windows PowerShell remoting techniques Using PSSessions Lab : Using basic remoting Lab : Using PSSessions Using Background Jobs and Scheduled Jobs Using Background Jobs Using Scheduled Jobs Lab : Using Background Jobs and Scheduled Jobs Using advanced Windows PowerShell techniques Creating profile scripts Using advanced techniques Lab : Practicing advanced techniques Lab : Practicing script development (optional)

Duration 5 Days 30 CPD hours This course is intended for This course is intended for IT Professionals who are already experienced in general Windows Server and Windows Client administration, and who want to learn more about using Windows PowerShell for administration. No prior experience with any version of Windows PowerShell, or any scripting language, is assumed. This course is also suitable for IT Professionals already experienced in server administration, including Exchange Server, SharePoint Server, SQL Server, System Center, and others. Overview After completing this course, students will be able to: Describe the functionality of Windows PowerShell and use it to run and find basic commands. Identify and run cmdlets for server administration. Work with Windows PowerShell pipeline. Describe the techniques Windows PowerShell pipeline uses. Use PSProviders and PSDrives to work with other forms of storage. Query system information by using WMI and CIM. Work with variables, arrays, and hash tables. Write basic scripts in Windows PowerShell. Write advanced scripts in Windows PowerShell. Administer remote computers. Use background jobs and scheduled jobs. Use advanced Windows PowerShell techniques. This course provides students with the fundamental knowledge and skills to use Windows PowerShell for administering and automating administration of Windows based servers. Getting Started with Windows PowerShell Overview and Background Understanding command syntax Finding commands Lab : Configuring Windows PowerShell Lab : Finding and Running Basic Commands Cmdlets for administration Active Directory administration cmdlets Network configuration cmdlets Other server administration cmdlets Lab : Windows Administration Working with the Windows PowerShell pipeline Understanding the Pipeline Selecting, Sorting, and Measuring Objects Filtering Objects Out of the Pipeline Enumerating Objects in the Pipeline Sending pipeline data as output Lab : Using the Pipeline Lab : Filtering Objects Lab : Enumerating Objects Lab : Sending output to a file Understanding How the Pipeline Works Passing the pipeline data Advanced considerations for pipeline data Lab : Working with Pipeline Parameter Binding Using PSProviders and PSDrives Using PSProviders Using PSDrives Lab : Using PSProviders and PSDrives Querying Management Information by Using WMI and CIM Understanding WMI and CIM Querying Data with WMI and CIM Making changes with WMI/CIM Lab : Working with WMI and CIM Working with variables, arrays, and hash tables Using variables Manipulating variables Manipulating arrays and hash tables Lab : Working with variables Basic scripting Introduction to scripting Scripting constructs Importing data from files Lab : Basic scripting Advanced scripting Accepting user input Overview of script documentation Troubleshooting and error handling Functions and modules Lab : Accepting data from users Lab : Implementing functions and modules Administering Remote Computers Using basic Windows PowerShell remoting Using advanced Windows PowerShell remoting techniques Using PSSessions Lab : Using basic remoting Lab : Using PSSessions Using Background Jobs and Scheduled Jobs Using Background Jobs Using Scheduled Jobs Lab : Using Background Jobs and Scheduled Jobs Using advanced Windows PowerShell techniques Creating profile scripts Using advanced techniques Lab : Practicing advanced techniques Lab : Practicing script development (optional)

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced .Net developers who wish to get up and running on developing well defended software applications. Real world programming experience with .Net is required. Overview Students who attend Attacking and Securing .Net Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a .Net perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on .Net security training that offers a unique look at .Net application security. Beginning with penetration testing and hunting for bugs in .Net web applications, you thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, driving home the mechanics of how to secure .Net web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? .NET Issues and Best Practices Making Application Security Real Time Permitting Topics Cryptography Overview .NET Cryptographic Services

Duration 5 Days 30 CPD hours This course is intended for This course is designed for network and software engineers interested in automation and programmability and who hold job roles such as: Account manager Consulting systems engineer Network administrator Network engineer Network manager Sales engineer Systems engineer Technical solutions architect Wireless design engineer Wireless engineer Overview This course will help you: Gain the high-demand knowledge and skills to implement automation, streamline container orchestration, and enhance scalability Learn the skills to maximize the lightweight design of containers to scale more quickly and allow more responsiveness to website traffic load Prepare for the 300-910 DEVOPS exam What to expect in the exam The 300-910 DEVOPS exam certifies your knowledge and skills with DevOps. Key DevOps practices include deployment automation that enables configuration, management, and scalability of cloud microservices and infrastructure processes on Cisco platforms. This course teaches you how to automate application deployment, enable automated configuration, enhance management, and improve scalability of cloud microservices and infrastructure processes on Cisco© platforms. You will also learn how to integrate Docker and Kubernetes to create advanced capabilities and flexibility in application deployment. This course prepares you for the 300-910 Implementing DevOps Solutions and Practices Using Cisco Platforms (DEVOPS) certification exam. Course Outlines ITRODUCING THE DEVOPS MODEL INTRODUCING CONTAINERS PACKAGING AN APPLICATION USING DOCKER DEPLOYING A MULTITIER APPLICATION INTRODUCING CI/CD BUILDING THE DEVOPS FLOW VALIDATING THE APPLICATION BUILD PROCESS BUILDING AN IMPROVED DEPLOYMENT FLOW EXTENDING DEVOPS PRACTICES TO THE ENTIRE INFRASTRUCTURE IMPLEMENTING ON-DEMAND TEST ENVIRONMENTS AT THE INFRASTRUCTURE LEVEL MONITORING IN NETDEVOPS ENGINEERING FOR VISIBILITY AND STABILITY SECURING DEVOPS WORKFLOWS EXPLORING MULTICLOUD STRATEGIES EXAMINING APPLICATION AND DEPLOYMENT ARCHITECTURES DESCRIBING KUBERNETES INTEGRATING MULTIPLE DATA CENTER DEPLOYMENTS WITH KUBERNETES MONITORING AND LOGGING IN KUBERNETES Additional course details: Nexus Humans Cisco Implementing DevOps Solutions and Practices Using Cisco Platforms (DevOps) 1.0 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing DevOps Solutions and Practices Using Cisco Platforms (DevOps) 1.0 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for The primary audience for this course is as follows: System Installers System Integrators System Administrators Network Administrators Solutions Designers Overview Upon completing this course, the learner will be able to meet these overall objectives: Describe the Cisco IOS XR 64-Bit software architecture and Linux system fundamentals Describe the major differences between classic Cisco IOS XR software and Cisco IOS XR 64-Bit software on the ASR 9000 Series routers Migrate an ASR 9000 Series router from classic IOS XR software to Cisco IOS XR 64-Bit software Perform and explain Cisco IOS XR 64-Bit software installations Configure and describe Cisco IOS XR 64-Bit software features The Cisco ASR 9000 Series IOS XR 64-Bit Software Migration and Operational Enhancements (IOSXR211) course covers the migration from classic 32-bit Cisco IOS© XR software to Cisco IOS XR 64-Bit software on the Cisco© ASR 9000 Series Aggregation Services Routers. This course will also examine the software architecture, boot process, and auto-provisioning of the Cisco IOS XR 64-bit software, as well as showing you how to install Cisco IOS XR and third-party software packages. In addition, it will investigate data models and show you how to implement telemetry, model-driven programmability, and application hosting services. Software Architecture and Linux Fundamentals Cisco IOS XR 64-Bit Software Fundamentals Cisco ASR 9000 Series IOS XR 64-Bit Software vs. Classic 32-Bit Software Exploring Linux Fundamentals Creating User Profiles Cisco IOS XR 64-Bit Software Installation Examining Resource Allocations and Media Mappings Migrating to Cisco IOS XR 64-Bit Software Examining the Boot Process Performing Disaster Recovery Installing Software Packages Cisco IOS XR 64-Bit Software Features Investigating Data Models Implementing Telemetry Exploring Model-Driven Programmability Employing Application Hosting Additional course details: Nexus Humans Cisco ASR9000 Series 64-bit Software Migration (IOSXR211) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco ASR9000 Series 64-bit Software Migration (IOSXR211) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 0.5 Days 3 CPD hours This course is intended for This course is designed for the non-technical end user of computers, mobile devices, networks, and the Internet, to enable you to use technology more securely to minimize digital risks. This course is also designed for you to prepare for the Certified CyberSAFE credential. You can obtain your Certified CyberSAFE certificate by completing the Certified CyberSAFE credential process on the CHOICE platform following the course presentation. Overview In this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks. You will: Identify the need for security Secure devices like desktops, laptops, smartphones, and more Use the Internet securely Regardless of your computer experience, this class will help you become more aware of technology ðrelated risks and what you can do to protect yourself and your organization from them. This course will help you to: ? Understand security compliance needs and requirements ? Recognize and avoid phishing and other social engineering ? Recognize and avoid viruses, ransomware, and other malware ? Help ensure data security on computers, mobile devices, networks, the Internet, and in the cloud. In this course, you will use discussions, case studies, and the experiences of your instructor and fellow students to explore the hazards and pitfalls of technology and learn how to use that technology safely and securely. Course includes access to the CyberSAFE assessment. Upon successful completion of the assessment, learners will receive the CyberSAFE credential and digital badge. Identifying the Need for Security Identify Security Compliance Requirements Recognize Social Engineering and Avoid Phishing and other Attacks Securing Devices Maintain Physical Security of Devices Use Passwords for Security Protect Your Data Identify and Mitigate Viruses, Ransomware, and other Malware Use Wireless Devices Securely Using the Internet Securely Browse the Web Safely Use Email Securely Use Social Networking Securely Use Cloud Services Securely Additional course details: Nexus Humans CertNexus CyberSAFE Extended Edition 2019 (CBS-310) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus CyberSAFE Extended Edition 2019 (CBS-310) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real