Secure Java Code Development: Advanced

This workshop is based on the CERT Oracle Secure Coding Standard for Java document, and teaches developers how to write secure code. Most developers think they already understand how to write secure Java code, because they use the built-in features of the Java Platform, but they don’t know the complete story. Recent events in the news highlight the consequences of insecure code. Coding errors cause the majority of software vulnerabilities. For example, over 60 percent of the vulnerabilities in the National Vulnerability Database were caused by programming errors. This workshop identifies the common security pitfalls most developers fall into, and demonstrates how to build secure and reliable applications using the J2EE Framework. This workshop describes use cases under which Java programs might be exploited and examples of rules that help mitigate these attacks.
5 Days/Lecture & Lab
  • Understanding the Problem
  • Privilege Escalation: User Management
  • Threat Modeling
  • Input Validation and Data Sanitization
  • Leaking Sensitive Data
  • Leaking Capabilities
  • Denial of Service
  • Libraries
  • Concurrency, Visibility and Memory
  • Secure Code Review
