44231 Courses

Duration 1 Days 6 CPD hours This course is intended for Security Engineers Network Engineers Support staff Overview This course is intended to provide an understanding of Palo Alto Networks Next-Generation firewall technologies enable the student to perform a basic installation of Palo Alto Networks Next-Generation firewalls. Upon completion of this course, students will be able to: Explain the features and advantages of the Palo Alto Networks next-generation firewall architecture Understand the capabilities of App-ID, Content-ID, and User-ID Perform the basic configuration of the firewall including: Interfaces and virtual routers NAT Policies Security zones Objects Security policies Content security profiles View logs and basic reports This course was formerly named Palo Alto Networks Foundations of Next Generation Firewalls (EDU-150). ** Our foundation classes are just introductory trainings, NOT a full technical training. Your network has expanded beyond your organization\'s boundaries. Cloud locations and remote users (often using personal devices) have \'distributed\' the surface you need to both enable and protect.At the same time, the motivations of attackers and their sophistication have continued to evolve.Palo Alto Networks' next-generation firewalls are all based on a consistent Single-Pass Architecture, enabling security capability that is unique in the industry. This architecture is implemented in a portfolio of both physical and virtual appliances, designed to cover a range of performance and use case requirements.Features and management are consistent across the portfolio. Integration with GlobalProtect? mobile security service extends policy-based security to mobile devices (whether on-premises or remote). Integration with our threat intelligence services keeps information up to date for the firewall (e.g., URL categories, threat signatures). WildFire? cloud-based malware analysis environment integration supports a rapid \'feedback loop\' that enables the firewall to stop advanced threats throughout the attack lifecycle. Course Outline Module 0: Introduction Module 1: Platforms & Architecture Module 2: Getting Started Module 3: Basic Administration Module 4: Connectivity Module 5: Security Module 6: Logging & Reporting Additional course details: Nexus Humans Palo Alto Networks : Strata Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks : Strata Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), and how to write Snort rules. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe Snort technology and identify resources available for maintaining a Snort deployment Install Snort on a Linux-based operating system Describe the Snort operation modes and their command-line options Describe the Snort intrusion detection output options Download and deploy a new rule set to Snort Describe and configure the snort.conf file Configure Snort for inline operation and configure the inline-only features Describe the Snort basic rule syntax and usage Describe how traffic is processed by the Snort engine Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor Snort performance and how to tune rules The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. You?ll learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more Course outline Introduction to Snort Technology Snort Installation Snort Operation Snort Intrusion Detection Output Rule Management Snort Configuration Inline Operation and Configuration Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Additional course details: Nexus Humans Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Entry- to mid-level network engineers Network administrators Network support technicians Help desk technicians Overview After taking this training, you should be able to: Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers Compare and contrast the various hardware and software switching mechanisms and operation while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM) along with process switching, fast switching, and Cisco Express Forwarding concepts Troubleshoot Layer 2 connectivity using VLANs and trunking Implement redundant switched networks using Spanning Tree Protocol Troubleshoot link aggregation using Etherchannel Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP) Implement and optimize Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types and areas, summarization, and route filtering for IPv4 and IPv6 Implement External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking Implement network redundancy using protocols such as Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) Implement internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT) Describe the virtualization technology of servers, switches, and the various network devices and components Implement overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP) Describe the components and concepts of wireless networking, including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards Describe the various wireless deployment models available, including autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture Describe wireless roaming and location services The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.3 training gives you the knowledge and skills needed to install, configure, operate, and troubleshoot an enterprise network and introduces you to overlay network design by using SD-Access and SD-WAN solutions. You?ll also learn to understand and implement security principles and automation and programmability within an enterprise network. Course Outline Examining Cisco Enterprise Network Architecture Exploring Cisco Switching Paths Implementing Campus LAN Connectivity Building Redundant Switched Topology Implementing Layer 2 Port Aggregation Understanding EIGRP Implementing OSPF Optimizing OSPF Exploring EBGP Implementing Network Redundancy Implementing NAT Introducing Virtualization Protocols and Techniques Understanding Virtual Private Networks and Interfaces Understanding Wireless Principles Examining Wireless Deployment Options Understanding Wireless Roaming and Location Services Examining Wireless AP Operation Implementing Wireless Client Authentication Troubleshooting Wireless Client Connectivity Implementing Network Services Using Network Analysis Tools Implementing Infrastructure Security Implementing Secure Access Control Discovering the Basics of Python Programming Discovering Network Programmability Protocols Implementing Layer 2 Port Aggregation Discovering Multicast Protocols Understanding QoS Exploring Enterprise Network Security Architecture Exploring Automation and Assurance Using Cisco DNA Center Examining the Cisco SD-Access Solution Understanding the Working Principles of the Cisco SD-WAN Solution

Duration 4 Days 24 CPD hours This course is intended for A Dynamics 365 Customer Engagement Functional Consultant is responsible for performing discovery, capturing requirements, engaging subject matter experts and stakeholders, translating requirements, and configuring the solution and applications. The Functional Consultant implements a solution using out-of-the-box capabilities, codeless extensibility, application, and service integrations. Overview Install and configure the customer service app Identify common customer service scenarios Complete a case resolution process Analyze customer service data Automate case management record processing Create and use knowledge articles Create and use entitlements and service level agreements Microsoft Dynamics 365 for Customer Service offers any organization an opportunity for customer success. Using tools such as automatic case creation and queue management frees up time to dedicate where a greater impact can be made, directly with customers. Our team of globally recognized experts take students step by step, from creating cases, to interacting with customers, to resolving those cases. Once those cases are resolved, students will learn from data analysis the key details to help resolve similar cases faster or avoid new issues altogether. Customer Service Overview Lesson 1: Create case records Lesson 2: Related service apps Lesson 3: Analytics for service Lesson 4: AI for service Lesson 5: Configuring customer service Lesson 6: Module summary Case Management Lesson 1: Case management overview Lesson 2: Creating case records Lesson 3: Queue management Lesson 4: Case routing Lesson 5: Resolving cases Lesson 6: Module summary Service Level Agreements and Entitlements Lesson 1: SLA and entitlement overview Lesson 2: Create and manage entitlements Lesson 3: Create and manage S Knowledge Management Lesson 1: Knowledge management overview Lesson 2: Authoring and organizing Lesson 3: Use knowledge content Lesson 4: Manage knowledge content Lesson 5: Module summary Additional course details: Nexus Humans MB-230T01 Dynamics 365 for Customer Engagement for Customer Service training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the MB-230T01 Dynamics 365 for Customer Engagement for Customer Service course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This intermediate course is designed for experienced Integration Specialists and Senior-Level Developers with experience in application development, messaging middleware applications, and transport protocols such as HTTP and FTP. Overview Describe the features and uses of the IBM Integration BusDevelop, deploy, and test message flow applicationsGenerate message flow applications from predefined patternsUse IBM Integration Bus problem determination aids to diagnose and solve development and runtime errorsDescribe the function and appropriate use of IBM Integration Bus processing nodesWrite basic Extended Structured Query Language and Java programs to transform dataUse the IBM Graphical Data Mapping editor to transform dataDefine, use, and test simple XML and Data Format Description Language (DFDL) data modelsDescribe supported transport protocols and how to call them in message flows This course teaches you how to use IBM Integration Bus to develop, deploy, and support message flow applications. Students will learn how to construct applications to transport and transform data. Course Outline Course introduction Introduction to IBM Integration Bus Application development fundamentals Exercise: Importing and testing a message flow Creating message flow applications Exercise: Creating a message flow application Connecting to IBM MQ Exercise: Connecting to IBM MQ Controlling the flow of messages Exercise: Adding flow control to a message flow application Modeling the data Exercise: Creating a DFDL model Processing file data Exercise: Processing file data Using problem determination tools and help resources Exercise: Using problem determination tools Exercise: Implementing explicit error handling Mapping messages with the Graphical Data Mapping editor Referencing a database in a message flow application Exercise: Referencing a database in a map Using Compute nodes to transform messages Exercise: Transforming data by using the Compute and JavaCompute nodes Processing JMS, HTTP, and web service messages Preparing for production Exercise: Creating a runtime-aware message flow Course summary Additional course details: Nexus Humans WM666 IBM Integration Bus V10 Application Development I training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the WM666 IBM Integration Bus V10 Application Development I course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for application developers. Overview Deploy microservice applications on Red Hat© OpenShift Container Platform. Build a microservice application with Quarkus. Implement unit and integration tests for microservices. Use the config specification to inject data into a microservice. Secure a microservice using OAuth. Build and deploy native Quarkus applications. Develop microservice-based applications with Quarkus and OpenShift. Many enterprises are looking for a way to take advantage of cloud-native architectures, but many do not know the best approach. Quarkus is an exciting new technology that brings the reliability, familiarity, and maturity of Java Enterprise with a container-ready lightning fast deployment time. Red Hat Cloud-native Microservices Development with Quarkus (DO378) emphasizes learning architectural principles and implementing microservices based on Quarkus and OpenShift. You will build on application development fundamentals and focus on how to develop, monitor, test, and deploy modern microservices applications.. This course is based on OpenShift 4.5 and Quarkus 1.7L 1 - Describe microservice architectures Describe components and patterns of microservice-based application architectures. 2 - Implement a microservice with Quarkus Describe the specifications in Quarkus, implement a microservice with some of the specifications, and deploy it to an OpenShift cluster. 3 - Build microservice applications with Quarkus Build a persistent and configurable distributed quarkus microservices application. 4 - Implement fault tolerance Implement fault tolerance in a microservice architecture. 5 - Build and deploy native Quarkus applications Describe Quarkus in native mode and describe its deployment on OpenShift Container Platform. 6 - Test microservices Implement unit and integration tests for microservices. 7 - Create application health checks Create a health check for a microservice. 8 - Secure microservices Secure microservice endpoints and communication. 9 - Monitor microservices Monitor the operation of a microservice using metrics and distributed tracing. Additional course details: Nexus Humans Red Hat Cloud-native Microservices Development with Quarkus (DO378) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Red Hat Cloud-native Microservices Development with Quarkus (DO378) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4.5 Days 27 CPD hours This course is intended for This is an intermediate course for experienced data professionals such as z/OS system programmers, who are responsible for the installation and maintenance of z/OS UNIX. Overview Execute the tasks required to prepare a z/OS installation for implementing z/OS UNIXExecute the tasks to install the z/OS UNIX software featuresUse the information provided in this class to perform the basic customization necessary to fully implement the z/OS UNIX kernel, the file system, the shell and utilities, and z/OS UNIX applicationsPut in place the RACF security required for z/OS UNIX resources and applicationsMake appropriate definitions for the activation of TCP/IP sockets by z/OS UNIXIdentify and use the processes and data required for monitoring and tuning the z/OS UNIX environment This course is designed to provide you with the skills required to install and customize z/OS UNIX (full name z/OS UNIX System Services), and to manage and monitor the z/OS UNIX environment. Day 1 Welcome Unit 1: z/OS UNIX implementation overview Unit 2: z/OS UNIX services initial installation Exercise 1: Move from default to full mode function Exercise 2: IPL in full function mode and enable a nonvolatile root HFS Unit 3: File system customization Day 2 Exercise 3: Customizing the file system Unit 4: Security customization Exercise 4: Defining and managing UNIX users, OMVS security Day 3 Unit 5: Shell customization Exercise 5: UNIX System Services and shell customization Unit 6: Customizing applications, daemons, and servers Exercise 6: UNIX processes Exercise 7: Access control list and enhanced ASCII support Day 4 Unit 7: File system management and system maintenance Exercise 8: Managing HFS and zFS data sets Unit 8: Managing z/OS UNIX operations Unit 9: Exploiting TCP/IP with z/OS UNIX Exercise 9: Managing z/OS UNIX Additional course details: Nexus Humans OP25 IBM z/OS UNIX System Services Implementation training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the OP25 IBM z/OS UNIX System Services Implementation course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for System administrators tasked with maintaining a vRealize Operations cluster Overview By the end of the course, you should be able to meet the following objectives: Identify the vRealize Operations components affected in typical troubleshooting scenarios List the environmental and operational factors that can generate problems in vRealize Operations Use self-monitoring tools to assess and troubleshoot operational issues in vRealize Operations Access CLI-based tools to assess and troubleshoot operational issues in vRealize Operations Use the vRealize Operations API tool to retrieve cluster data and perform actions Retrieve and review log files associated with specific vRealize Operations components Use available tools to troubleshoot problem scenarios in vRealize Operations Identify the best practices to ensure a vRealize Operations instance remains in a healthy state Locate resources to help you troubleshoot vRealize Operations This two-day course gives VMware vRealize© Operations? administrators the skills to perform basic troubleshooting tasks. The course also gives administrators the skills to ensure that their vRealize Operations instance meets its use-case objectives of continuous performance optimization, app-aware intelligent remediation, and integrated compliance. Course Introduction Introduction and course logistics Course objectives Running a vRealize Operations Instance Identify the components of a vRealize Operations cluster Identify common problems that affect vRealize Operations List the environmental and operational factors that can affect vRealize Operations Identify the affected components vRealize Operations Troubleshooting Tools Use vRealize Operations self-monitoring tools to troubleshoot problems Use CLI tools to troubleshoot vRealize Operations problems Identify the log files used by individual vRealize Operations components Run commands to analyze vRealize Operations log files Use the vRealize Operations API tool vRealize Operations Troubleshooting Scenarios Use relevant tools to troubleshoot problem scenarios Maintaining vRealize Operations Use best practices to ensure the vRealize Operations cluster remains in a healthy state Back up and restore vRealize Operations Identify vRealize Operations troubleshooting resources Additional course details: Nexus Humans Troubleshooting VMware vRealize Operations [V8.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Troubleshooting VMware vRealize Operations [V8.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real