Java and Web Application Security Training Course
Description
Beyond solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks.
General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5.
The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. The use of all components is presented through practical exercises, where participants can try out the discussed APIs and tools for themselves.
Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.
Participants attending this course will
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Learn to use various security features of the Java development environment
- Have a practical understanding of cryptography
- Learn about typical coding mistakes and how to avoid them
- Get information about some recent vulnerabilities in the Java framework
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices
Audience
Developers
Course Outline
- IT security and secure coding
- Web application security
- Client-side security
- Foundations of Java security
- Practical cryptography
- Java security services
- XML security
- Common coding errors and vulnerabilities
- Principles of security and secure coding
- Knowledge sources
Need help picking the right course?
Java and Web Application Security Training Course - Booking
Java and Web Application Security Training Course - Enquiry
Java and Web Application Security - Consultancy Enquiry
Testimonials (3)
Very good knowledge and character.
Constantinos Michael
Course - Java and Web Application Security
I genuinely liked the organization.
Panagiotis Foutros
Course - Java and Web Application Security
I genuinely liked the real world scenarios.
Michail Alvanos
Course - Java and Web Application Security
Upcoming Courses
Related Courses
NetBeans
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers who wish to use NetBeans to develop applications with Java and other programming languages.
By the end of this training, participants will be able to:
- Learn about NetBeans and how it works.
- Learn how to use NetBeans in Java programming.
- Use NetBeans to create templates and projects.
Guava
21 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at Java programmers who wish to learn about Guava and how to utilize Guava in programming.
By the end of this training, participants will be able to:
- Learn how to use Guava in Java programming.
- Utilize Guava to facilitate standard coding practices.
- Make easy to read and concise Java codes.
Vaadin
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at programmers, java developers, and anyone who wishes to use Vaadin to develop and deploy applications.
By the end of this training, participants will be able to:
- Setup and configure a Vaadin project.
- Understand the fundamentals of Vaadin in developing applications.
- Use Vaadin to develop applications.
Enterprise Application Integrations with Spring Integration
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers who wish to use Spring Integration to design and build high-quality and efficient enterprise integration solutions.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start developing integration solutions with Spring Integration.
- Understand the Spring Integration features, core concepts, and components.
- Learn how to implement enterprise integration patterns.
- Build message-driven enterprise applications with Spring Integration.
- Enable integration with external streams and NoSQL databases (Apache Kafka, MongoDB, Redis, etc.).
- Monitor and manage the messaging flows across endpoints.
Jakarta EE Fundamentals
28 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers who wish to use Jakarta EE to build, migrate, and deploy cloud-native applications, utilizing the full implementation of Java EE 8 and cloud computing technology.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start developing Jakarta EE applications.
- Create and build database-driven applications with Jakarta Persistence API.
- Develop and integrate Jakarta EE applications with Jakarta RESTful web services for portability.
- Containerize cloud-native applications for cloud deployment with Docker.
Quarkus for Developers
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers who wish to use Quarkus to build, test, and deploy applications, fully-powered with Java, but with less resource utilization.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start developing applications with Quarkus.
- Build, compile, and run applications in native mode using GraalVM.
- Utilize Quarkus tooling and extensions for building native applications using Maven.
- Containerize, execute, and deploy applications with Docker.
Introduction to Apache Struts 2
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at web developers who wish to use Apache Struts 2 to create web applications.
By the end of this training, participants will be able to:
- Build Java MVC applications.
- Handle large projects and support REST applications.
- Secure Apache Struts 2 from vulnerabilities such as remote code execution attacks.
Learning Gradle
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at java developers who wish to use Gradle to automate the Java web development process.
By the end of this training, participants will be able to:
- Build a Java application with Gradle.
- Manage dependencies in a Java application.
- Use Gradle in the cloud.
Introduction to JavaServer Faces
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at web developers who wish to use JavaServer Faces to create enterprise-level web applications.
By the end of this training, participants will be able to:
- Build a JavaServer Faces CRUD application that connects to a database.
- Validate forms through filtering input and sanitizing output.
- Use JDBC APIs and MySQL to perform operations on data.
- Secure Java EE web applications.
OpenXava
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers who wish to develop Java Enterprise applications with OpenXava.
By the end of this training, participants will be able to:
- Install and configure OpenXava.
- Select and use other Java tools and frameworks together with OpenXava.
- Develop an advanced database driven business application.
- Test and debug an OpenXava application.
Spring Boot for Beginners
14 HoursIn this instructor-led, live training in the UAE, participants learn the key features and architecture of Spring Boot, and its relationship to the underlying Spring framework. Ample opportunities for applying this knowledge and receiving feedback is provided by the instructor. Participants will carry out live, hands-on exercises on defining, configuring and deploying Spring applications.
By the end of the course participants will have the necessary knowledge and practice to rapidly deploy their own Spring application.
Advanced Spring Boot
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at experienced Spring Boot developers who wish to use Spring Boot's advanced features to further enhance, secure and test complex Spring Boot applications.
By the end of this training, participants will be able to:
- Customize the Spring WebMVC framework to enhance the decoupling of web applications.
- Serialize and de-serialize objects using Jackson Serialization Views.
- Store and secure user data in a database.
- Use Spring Sessions to manage user session information in a distributed fashion.
- Automate the testing of Spring WebMVC applications.
- Monitor and measure application performance.
Spring Boot, React, and Redux
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at web developers who wish to build functional front-end and back-end web applications with Spring Boot, React, and Redux.
By the end of this training, participants will be able to:
- Build a front-end application with React and Redux.
- Create RESTful APIs with Spring Boot.
- Secure web services with Spring security and JWT web tokens.
Apache Camel and Spring Boot
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at web developers who wish to program in Spring Boot to build Apache Camel applications.
By the end of this training, participants will be able to:
- Develop Apache Camel applications with Spring Boot.
- Apply error monitoring and alerting for Apache Camel applications.
- Use Apache Camel for integration solutions.