Secure Web Application Development in Java and Top 10 Vulnerabilities

    

Summary:
This 2 day course will provides the students with the necessary knowledge on how to build, design and test the security of web applications. The course explains the vulnerability, provides samples of the flaw and provides solutions to protect the web application against common vulnerabilities. This course involves hands-on demonstrations and labs. All java developers that developing Web application should be familiar with those vulnerabilities and know how to write defensive code. Right now many web application do not have defense against hacking. This class will teach how to write defensive code to prevent hacking.

This is a hands-on course that introduces the concepts and challenges students to:
o Make reasoned choices and implement secure code. All examples for implementing secure code are based on OWASP ESAPI library.

Duration:
2 Days/Lecture & Lab

Audience:
This course is designed for Intermediate Java Developers.

Topics:

• Introduction
• Input And Output Validation
• SQL Injection
• Cross Site Scripting (XSS)
• Broken Authentication and Session Management
• Insecure Direct Object References
• Secure Design Principles

Prerequisites:
-Several years of experience with Java, preferably developing J2EE applications or have take Course Java Programming Language-Basic knowledge of application security vulnerabilities is recommended but not mandatory

Last Update: May 23, 2012