Securing Java Applications

    

Summary:
This advanced course shows experienced developers of Java enterprise applications how to secure those applications and to apply best practices with regard to secure coding. Authentication, authorization, and input validation are major themes, and participants use cryptographic algorithms (via the JCA and JCE) for specific development scenarios. The course alson includes thorough discussions and hands-on exercises in common web-application concerns and hacks (XSS, injection, etc.), HTTPS configuration and certificate management, error handling, logging, and auditing.

Duration:
4 days/Lecture & Lab

Audience:
This course is appropriate for experienced Java developers who want to be able to follow secure development practice and to secure new and existing standalone, web, and enterprise applications.

Topics:

• Java SE Security
• Secure Coding Practice
• Java EE Security
• Authentication and Authorization
• Special Concerns for Web Applications
• HTTPS and Certificates
• Cryptography in Java SE
• Cryptography in Web Applications
• Secure Development Practices

Prerequisites:
This course is designed for students with java programming experience, including understanding of OO practices, exception handling and multi-threading. Servlets programming experience is recommended but not required.
JSP page-authoring experience is recommended but not required.

Last Update: May 23, 2013