Building Secure Web Applications in Java/J2EE

    

Summary:
This course teaches the students how to develop secure web applications in today’s complex internet worked environment. Students will receive a deep and thorough understanding of the most prevalent and dangerous security defects in today’s applications. Additionally, they will learn practical and actionable guidelines on how to remediate against these common defects in Java/J2EE and how to test for them in their own applications. This class starts with a description of the security problems faced by today's software developer, as well as a detailed description of the Open Web Application Security Project’s (OWASP) “Top 10” security defects.

Duration:
3 Days/Lecture & Lab

Audience:
This course is designed for hands-on web application developers or architects who are looking for a fundamental understanding of today's best practices in secure software development.

Topics:

• Preparation Phase Understanding the problem
• Overview of available solutions
• Exploiting web application weaknesses
• Exploiting web application weaknesses, continued
• Secure development processes
• Introduction to design review exercise
• Processes in depth – Design review
• Architectural and design exercises
• Processes in depth – Static code analysis
• Static code analysis exercise
• Processes in depth – Security testing
• Getting started
• Group discussion and questions

Prerequisites:
There are no prerequisites for this course.

Last Update: May 21, 2013