• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

Course Images

Attacking and Securing Java / JEE Web Applications (TT8320-J)

Attacking and Securing Java / JEE Web Applications (TT8320-J)

  • 30 Day Money Back Guarantee
  • Completion Certificate
  • 24/7 Technical Support

Highlights

  • Delivered Online

  • 4 days

  • All levels

Description

Duration

4 Days

24 CPD hours

This course is intended for

This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge.

Overview

Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses.
Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux.
This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom.

This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms.

Bug Hunting Foundation

  • Why Hunt Bugs?

  • Safe and Appropriate Bug Hunting/Hacking

Scanning Web Applications

  • Scanning Applications Overview

Moving Forward from Hunting Bugs

  • Removing Bugs

Foundation for Securing Applications

  • Principles of Information Security

Bug Stomping 101

  • Unvalidated Data

  • Broken Authentication

  • Sensitive Data Exposure

  • XML External Entities (XXE)

  • Broken Access Control

Bug Stomping 102

  • Security Misconfiguration

  • Cross Site Scripting (XSS)

  • Deserialization/Vulnerable Components

  • Insufficient Logging and Monitoring

  • Spoofing, CSRF, and Redirects

Moving Forward with Application Security

  • Applications: What Next?

  • Making Application Security Real

About The Provider

Nexus Human, established over 20 years ago, stands as a pillar of excellence in the realm of IT and Business Skills Training and education in Ireland and the UK....

Read more about Nexus Human

Tags

Reviews