27953 OV courses delivered Online

Duration 3 Days 18 CPD hours This course is intended for This course is designed for security analysts, security technical architects, offense managers, network administrators, and system administrators using QRadar SIEM. Overview After completing this course, you should be able to perform the following tasks: Describe how QRadar collects data to detect suspicious activities Describe the QRadar architecture and data flows Navigate the user interface Define log sources, protocols, and event details Discover how QRadar collects and analyzes network flow information Describe the QRadar Custom Rule Engine Utilize the Use Case Manager app Discover and manage asset information Learn about a variety of QRadar apps, content extensions, and the App Framework Analyze offenses by using the QRadar UI and the Analyst Workflow app Search, filter, group, and analyze security data Use AQL for advanced searches Use QRadar to create customized reports Explore aggregated data management Define sophisticated reporting using Pulse Dashboards Discover QRadar administrative tasks IBM Security QRadar enables deep visibility into network, endpoint, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn about the solution architecture, how to navigate the user interface, and how to investigate offenses. You search and analyze the information from which QRadar concluded a suspicious activity. Hands-on exercises reinforce the skills learned. Course Outline Unit 0: IBM Security QRadar 7.4 - Fundamentals Unit 1: QRadar Architecture Unit 2: QRadar UI - Overview Unit 3: QRadar - Log Source Unit 4: QRadar flows and QRadar Network Insights Unit 5: QRadar Custom Rule Engine (CRE) Unit 6: QRadar Use Case Manager app Unit 7: QRadar - Assets Unit 8: QRadar extensions Unit 9: Working with Offenses Unit 10: QRadar - Search, filtering, and AQL Unit 11: QRadar - Reporting and Dashboards Unit 12: QRadar - Admin Console Additional course details: Nexus Humans BQ104 IBM QRadar SIEM Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the BQ104 IBM QRadar SIEM Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is intended for Experienced system administrators responsible for deploying and administering JBoss Enterprise Application Platform 6 in large-scale production environments. At least 2 years' experience as a JBoss Enterprise Application Platform administrator. Be a Red Hat Certified Specialist in Enterprise Application Server Administration on Enterprise Application Platform 6 (or later) or have equivalent experience . Overview Upon successful completion of this course, students will be able to provision and manage Red Hat JBoss Enterprise Application Platform 6 in large-scale production environments. This course empowers you to provision and manage Red Hat© JBoss© Enterprise Application Platform (JBoss EAP) in large-scale production environments. Intended for experienced administrators, this course will help you gain a deeper understanding of how to work with JBoss EAP by taking a closer look at installation, clustering, deployments, scripting, management, messaging, and security with a view towards building on the skills established in the Red Hat JBoss Application Administration I (JB248) course. 1 - INSTALLATION Given the proper installation media, perform Red Hat© JBoss© Enterprise Application Platform 6 installations that are repeatable, upgradeable, and silent. 2 - CLUSTERING Demonstrate a proficient knowledge of clustering components, their configuration, and application to clustered architectures. 3 - DEPLOYMENT Deploy an application in various types of production environments. 4 - SCRIPTING Script various configuration and management scenarios using command line interface (CLI). 5 - MANAGEMENT Use various tools to monitor and manage JBoss Enterprise Application Platform. 6 - MESSAGING Learn how to manage supported messaging systems. 7 - SECURITY Configure security settings that include authentication, authorization, networking, and the management interfaces. 8 - OVERVIEW OF JBOSS OPERATIONS NETWORK Learn the functionality of JBoss Operations Network and its use cases. Also learn how to install a JBoss Operations Network server, an agent, and agent plug-ins. 9 - MONITORING RESOURCES Learn how to use JBoss Operations Network to monitor managed resources, including defining alerts, baselines, and notifications Additional course details: Nexus Humans Red Hat JBoss Application Administration II (AD348) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Red Hat JBoss Application Administration II (AD348) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is intended for System administrators who are either new to JBoss or have experience with JBoss Enterprise Application Platform 5. Base experience with system administration on Microsoft Windows, UNIX, or Linux© operating systems. Understanding of hardware and networking. Note: No prior knowledge of Java, scripting, or JBoss Developer Studio is required. Overview Upon successful completion of this course, students will be able to take the Red Hat Certified JBoss Administration (RHCJA) Exam. In this course, you'll discover the best practices for installing and configuring Red Hat© JBoss© Enterprise Application Platform (JBoss EAP) 7. Through hands-on labs, you'll learn the essential, real-world tasks that you need to know as a system administrator to effectively deploy and manage applications on JBoss EAP. This course will help prepare you to take the Red Hat Certified Specialist in Enterprise Application Server Administration exam. 1 - OVERVIEW OF JBOSS ENTERPRISE APPLICATION PLATFORM Learn the concepts and terminology of JBoss© Enterprise Application Platform 6, and install and run a JBoss Enterprise Application Platform instance. 2 - CONFIGURE JBOSS ENTERPRISE APPLICATION PLATFORM IN STANDALONE MODE Understand the directory structure of standalone mode and the standalone.xml configuration file, and deploy an application onto a standalone server. 3 - CONFIGURE JBOSS ENTERPRISE APPLICATION PLATFORM IN DOMAIN MODE Set up a domain, including a domain controller managing multiple host controllers. Also learn how to deploy an application onto a domain. 4 - CONFIGURE SERVERS Define a server group on a host, add servers to a server group, and deploy an application to a server group. 5 - USE THE CLI TOOL Learn how the command-line Interface tool can be used to script administrative tasks. 6 - THE DATASOURCE SUBSYSTEM Understand database connection pools in JBoss Enterprise Application Platform and how to configure the datasource subsystem. Learn how to deploy a Java? Database Connectivity (JDBC) driver and define a datasource. 7 - THE LOGGING SUBSYSTEM Configure the logging subsystem, including configuring the built-in handlers and loggers. 8 - THE MESSAGING SUBSYSTEM Understand JMS and HornetQ, including how to define and configure connection factories and destinations (topics and queues). 9 - THE SECURITY SUBSYSTEM Configure the security subsystem, including securing the management interfaces, securing an application, and securing a JMS destination. Also learn how to define an Lightweight Directory Access Protocol (LDAP) and database security realm. 10 - JVM CONFIGURATION Configure the JVM for both standalone and domain modes. 11 - MIGRATING APPLICATIONS TO JBOSS ENTERPRISE APPLICATION PLATFORM 6 Understand classpath and module dependencies, JPA issues, updating security settings, and other tips on how to migrate an application to JBoss Enterprise Application Platform 6. 12 - THE WEB SUBSYSTEM Configure the HTTP and HTTPS Connectors, set up an SSL connection, and configure an AJP Connector. 13 - INTRODUCTION TO CLUSTERING Set up JBoss Enterprise Application Platform 6 in a cluster in both standalone and domain mode.

Duration 4.5 Days 27 CPD hours This course is intended for This is an intermediate course for experienced data professionals such as z/OS system programmers, who are responsible for the installation and maintenance of z/OS UNIX. Overview Execute the tasks required to prepare a z/OS installation for implementing z/OS UNIXExecute the tasks to install the z/OS UNIX software featuresUse the information provided in this class to perform the basic customization necessary to fully implement the z/OS UNIX kernel, the file system, the shell and utilities, and z/OS UNIX applicationsPut in place the RACF security required for z/OS UNIX resources and applicationsMake appropriate definitions for the activation of TCP/IP sockets by z/OS UNIXIdentify and use the processes and data required for monitoring and tuning the z/OS UNIX environment This course is designed to provide you with the skills required to install and customize z/OS UNIX (full name z/OS UNIX System Services), and to manage and monitor the z/OS UNIX environment. Day 1 Welcome Unit 1: z/OS UNIX implementation overview Unit 2: z/OS UNIX services initial installation Exercise 1: Move from default to full mode function Exercise 2: IPL in full function mode and enable a nonvolatile root HFS Unit 3: File system customization Day 2 Exercise 3: Customizing the file system Unit 4: Security customization Exercise 4: Defining and managing UNIX users, OMVS security Day 3 Unit 5: Shell customization Exercise 5: UNIX System Services and shell customization Unit 6: Customizing applications, daemons, and servers Exercise 6: UNIX processes Exercise 7: Access control list and enhanced ASCII support Day 4 Unit 7: File system management and system maintenance Exercise 8: Managing HFS and zFS data sets Unit 8: Managing z/OS UNIX operations Unit 9: Exploiting TCP/IP with z/OS UNIX Exercise 9: Managing z/OS UNIX Additional course details: Nexus Humans OP25 IBM z/OS UNIX System Services Implementation training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the OP25 IBM z/OS UNIX System Services Implementation course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for IT professionals interested in understanding the capabilities of the MDS 9000 Series using Cisco DCNM. IT professionals seeking a deeper knowledge of SAN operations using both CLI and DCNM may take the alternative 4-day course, Configuring Cisco MDS 9000 Series Switches (DCMDS). Much of the hands-on work in DCNMS is also covered in DCMDS. This course is also designed for professionals in the following roles including: Consulting systems engineer Data center engineers Data center operators Data center network management engineers Storage network administrator Network administrator Network engineer Sales engineer Technical solutions architect Overview After taking this course, you should be able to: Describe Cisco DCNM SAN components, licensing, high availability, and security features Describe Cisco DCNM SAN reports, alerts, event forwarding, and troubleshooting tools, including Cisco DCNM SAN Insights and SAN Analytics features The Managing SAN Infrastructure with Cisco© Data Center Network Manager (DCNMS) v1.0 course provides product training that that teaches you to deploy, operate, and maintain the Cisco Data Center Network Manager (DCNM) SAN solutions. You will learn to configure, monitor, and troubleshoot Cisco storage networking infrastructure using Cisco DCNM. Cisco DCNM provides management, automation, visualization, and troubleshooting across Cisco Nexus© and Cisco Multilayer Distributed Switching (MDS) solutions.You will learn how the DCNM serves as a Storage Area Network (SAN) solution for managing and troubleshooting Cisco storage architecture. Implementing Cisco DCNM SAN Cisco DCNM Solution Overview Implement Cisco DCNM SAN Integrate Cisco DCNM SAN with VMware vCenter Cisco DCNM SAN Licensing Monitoring and Troubleshooting SAN Infrastructure Using Cisco DCNM SAN Cisco DCNM SAN Alerts and Reports Dashboards in Cisco DCNM SAN SAN Troubleshooting with the Cisco DCNM SAN Analytics and Telemetry Streaming Additional course details: Nexus Humans Cisco Managing SAN Infrastructure with Cisco Data Center Network Manager v1.0 (DCNMS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Managing SAN Infrastructure with Cisco Data Center Network Manager v1.0 (DCNMS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), and how to write Snort rules. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe Snort technology and identify resources available for maintaining a Snort deployment Install Snort on a Linux-based operating system Describe the Snort operation modes and their command-line options Describe the Snort intrusion detection output options Download and deploy a new rule set to Snort Describe and configure the snort.conf file Configure Snort for inline operation and configure the inline-only features Describe the Snort basic rule syntax and usage Describe how traffic is processed by the Snort engine Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor Snort performance and how to tune rules The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. You?ll learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more Course outline Introduction to Snort Technology Snort Installation Snort Operation Snort Intrusion Detection Output Rule Management Snort Configuration Inline Operation and Configuration Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Additional course details: Nexus Humans Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course is intended for: Developers responsible for developing Deep Learning applications Developers who want to understand concepts behind Deep Learning and how to implement a Deep Learning solution on AWS Overview This course is designed to teach you how to: Define machine learning (ML) and deep learning Identify the concepts in a deep learning ecosystem Use Amazon SageMaker and the MXNet programming framework for deep learning workloads Fit AWS solutions for deep learning deployments In this course, you?ll learn about AWS?s deep learning solutions, including scenarios where deep learning makes sense and how deep learning works. You?ll learn how to run deep learning models on the cloud using Amazon SageMaker and the MXNet framework. You?ll also learn to deploy your deep learning models using services like AWS Lambda while designing intelligent systems on AWS. Module 1: Machine learning overview A brief history of AI, ML, and DL The business importance of ML Common challenges in ML Different types of ML problems and tasks AI on AWS Module 2: Introduction to deep learning Introduction to DL The DL concepts A summary of how to train DL models on AWS Introduction to Amazon SageMaker Hands-on lab: Spinning up an Amazon SageMaker notebook instance and running a multi-layer perceptron neural network model Module 3: Introduction to Apache MXNet The motivation for and benefits of using MXNet and Gluon Important terms and APIs used in MXNet Convolutional neural networks (CNN) architecture Hands-on lab: Training a CNN on a CIFAR-10 dataset Module 4: ML and DL architectures on AWS AWS services for deploying DL models (AWS Lambda, AWS IoT Greengrass, Amazon ECS, AWS Elastic Beanstalk) Introduction to AWS AI services that are based on DL (Amazon Polly, Amazon Lex, Amazon Rekognition) Hands-on lab: Deploying a trained model for prediction on AWS Lambda Additional course details: Nexus Humans Deep Learning on AWS training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Deep Learning on AWS course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for The primary audience for this course is as follows: System Installers System Integrators System Administrators Network Administrators Solutions Designers Overview Upon completing this course, the learner will be able to meet these overall objectives: Describe the Cisco IOS XR 64-Bit software architecture and Linux system fundamentals Describe the major differences between classic Cisco IOS XR software and Cisco IOS XR 64-Bit software on the ASR 9000 Series routers Migrate an ASR 9000 Series router from classic IOS XR software to Cisco IOS XR 64-Bit software Perform and explain Cisco IOS XR 64-Bit software installations Configure and describe Cisco IOS XR 64-Bit software features The Cisco ASR 9000 Series IOS XR 64-Bit Software Migration and Operational Enhancements (IOSXR211) course covers the migration from classic 32-bit Cisco IOS© XR software to Cisco IOS XR 64-Bit software on the Cisco© ASR 9000 Series Aggregation Services Routers. This course will also examine the software architecture, boot process, and auto-provisioning of the Cisco IOS XR 64-bit software, as well as showing you how to install Cisco IOS XR and third-party software packages. In addition, it will investigate data models and show you how to implement telemetry, model-driven programmability, and application hosting services. Software Architecture and Linux Fundamentals Cisco IOS XR 64-Bit Software Fundamentals Cisco ASR 9000 Series IOS XR 64-Bit Software vs. Classic 32-Bit Software Exploring Linux Fundamentals Creating User Profiles Cisco IOS XR 64-Bit Software Installation Examining Resource Allocations and Media Mappings Migrating to Cisco IOS XR 64-Bit Software Examining the Boot Process Performing Disaster Recovery Installing Software Packages Cisco IOS XR 64-Bit Software Features Investigating Data Models Implementing Telemetry Exploring Model-Driven Programmability Employing Application Hosting Additional course details: Nexus Humans Cisco ASR9000 Series 64-bit Software Migration (IOSXR211) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco ASR9000 Series 64-bit Software Migration (IOSXR211) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real