Secure Developer Java (Inc OWASP) Training Course
This course explores secure coding concepts and principles for Java, utilizing the testing methodology of the Open Web Application Security Project (OWASP). The Open Web Application Security Project is an online community that creates freely available articles, methodologies, documentation, tools, and technologies in the field of web application security.
This course is available as onsite live training in United Arab Emirates or online live training.
Course Outline
- understand the web Threats and Attack Vectors
- know the Secure Design Principles
- understand OWASP Top 10 attacks
- understand the Authentication and Authorization problems
- know how to prevent Cross-Site Scripting
- know how to prevent Cross-Site Request Forgery
- understand the secure Development Cycle
- know how to prevent Injection Attacks
- understand the protections in JDBC and JPA
- understand the Penetration Testing methodologies
- know how to secure Java Applications
Requirements
- Experience with Java.
- Experience of creating web applications.
Testimonials (3)
The topic is current and I needed to be updated
Damilano Marco - SIAP s.r.l.
Course - Secure Developer Java (Inc OWASP)
It was quite comprehensive, the information was clear and succinct.
Sebastian-Daniel - BRD
Course - Secure Developer Java (Inc OWASP)
Multiple examples for each module and great knowledge of the trainer.
Sebastian - BRD
Course - Secure Developer Java (Inc OWASP)
Related Courses
Network Security and Secure Communication
21 Hours
Developing secure networked applications can be challenging, even for developers experienced with cryptographic building blocks like encryption and digital signatures. To help participants grasp the role and application of these cryptographic primitives, this course establishes a solid foundation on the core requirements of secure communication—including secure acknowledgment, integrity, confidentiality, remote identification, and anonymity. It also highlights common threats to these requirements alongside practical real-world solutions.
Since cryptography is a critical component of network security, the course covers essential algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement. Rather than focusing on complex mathematical theory, the content approaches these topics from a developer's perspective, illustrating typical use cases and practical considerations such as public key infrastructures. Additionally, various security protocols are introduced, with a detailed examination of widely used families like IPSEC and SSL/TLS.
The course addresses typical crypto vulnerabilities associated with specific algorithms and protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE, and RSA timing attacks. For each issue, practical implications and potential consequences are explained without delving into deep mathematical details.
Finally, as XML technology is central to data exchange in networked applications, the course explores its security aspects. This includes the use of XML in web services and SOAP messages, protection mechanisms like XML signature and XML encryption, and vulnerabilities such as XML injection, XML external entity (XXE) attacks, XML bombs, and XPath injection.
Participants attending this course will
- Understand basic concepts of security, IT security, and secure coding
- Understand the requirements of secure communication
- Learn about network attacks and defenses at different OSI layers
- Have a practical understanding of cryptography
- Understand essential security protocols
- Understand some recent attacks against cryptosystems
- Get information about some recent related vulnerabilities
- Understand security concepts of Web services
- Get sources and further readings on secure coding practices
Audience
Developers, Professionals
C/C++ Secure Coding
21 Hours
Developing secure C and C++ applications demands stringent defense mechanisms against malicious exploitation, memory corruption, and input validation bypasses. This course explores common vulnerability patterns such as buffer overflows, use-after-free errors, integer overflows, and type confusion. Participants will implement secure coding standards, utilize static analysis tools, and apply defensive programming practices to mitigate weaknesses, enforce rigorous input sanitization, and build robust software that withstands cyber threats.
Advanced Java Security
21 Hours
Even seasoned Java developers often do not fully master the various security services provided by Java, nor are they always aware of the different vulnerabilities relevant to web applications written in Java.
Aside from introducing the security components of Standard Java Edition, this course addresses security issues in Java Enterprise Edition (JEE) and web services. The discussion of specific services is preceded by a foundation in cryptography and secure communication. Various exercises cover declarative and programmatic security techniques in JEE, while both transport-layer and end-to-end security of web services are discussed. The use of all components is presented through several practical exercises, allowing participants to try out the discussed APIs and tools themselves.
The course also covers and explains the most frequent and severe programming flaws in the Java language and platform, as well as web-related vulnerabilities. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by recommended coding guidelines and possible mitigation techniques.
Participants attending this course will
- Understand basic concepts of security, IT security, and secure coding
- Learn about web vulnerabilities beyond the OWASP Top Ten and know how to avoid them
- Understand security concepts of web services
- Learn to use various security features of the Java development environment
- Have a practical understanding of cryptography
- Understand security solutions of Java EE
- Learn about typical coding mistakes and how to avoid them
- Get information about some recent vulnerabilities in the Java framework
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices
Audience
Developers
Groovy Programming
21 Hours
Apache Groovy is a dynamic programming language for the JVM (Java Virtual Machine). Its key features include scripting capabilities, Domain-Specific Language authoring, runtime and compile-time meta-programming, and functional programming. Groovy is frequently used to complement Java.
In this instructor-led live training, participants will learn to program in Groovy by building a sample application step by step.
Audience
- Developers
Format of the course
- A mix of lectures, discussions, exercises, and extensive hands-on practice
Groovy Programming for Beginners
14 Hours
This instructor-led, live training in the UAE (online or onsite) is designed for beginner-level developers who wish to learn the fundamentals of Groovy Programming.
By the end of this training, participants will be able to:
- Grasp fundamental programming concepts.
- Write simple Groovy scripts and leverage core Groovy features.
- Understand and apply basic principles of object-oriented programming using Groovy.
- Acquire basic error-handling techniques to manage common programming errors and exceptions in Groovy.
Java Microservices
21 Hours
This instructor-led, live training in the UAE (online or onsite) targets intermediate-level Java developers who wish to design, develop, deploy, and maintain microservices-based applications using Java frameworks like Spring Boot and Spring Cloud.
By the end of this training, participants will be able to:
- Understand the principles and benefits of microservices architecture.
- Build and deploy microservices using Java and Spring Boot.
- Implement service discovery, configuration management, and API gateways.
- Secure, monitor, and scale microservices effectively.
- Deploy microservices using Docker and Kubernetes.
Building Microservices with Spring Boot, Docker, and Kubernetes
21 Hours
This instructor-led live training in the UAE (available online or onsite) is aimed at intermediate to advanced developers looking to master microservice development using Spring Boot, Docker, and Kubernetes.
By the conclusion of this training, participants will be equipped to:
- Understand the fundamental principles of microservices architecture.
- Develop production-ready microservices using Spring Boot.
- Appreciate the critical function of Docker in containerizing microservices.
- Configure Kubernetes clusters for the deployment and orchestration of microservices.
Quarkus for Developers
14 Hours
This instructor-led, live training in the UAE (online or onsite) is designed for developers who wish to utilize Quarkus to build, test, and deploy applications, fully powered by Java, but with reduced resource utilization.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start developing applications with Quarkus.
- Build, compile, and run applications in native mode using GraalVM.
- Utilize Quarkus tooling and extensions for building native applications using Maven.
- Containerize, execute, and deploy applications with Docker.
Quarkus for Java Native and Microservice Development
40 Hours
This instructor-led, live training in the UAE (online or onsite) is aimed at intermediate-level to advanced-level developers and architects who wish to develop Java native applications and microservices using Quarkus with optimized memory usage and startup time.
By the end of this training, participants will be able to:
- Develop high-performance, lightweight Java native applications using Quarkus.
- Build and deploy RESTful services and microservices architectures.
- Use GraalVM for native compilation and optimize startup and memory efficiency.
- Package and containerize applications for Kubernetes and OpenShift environments.
RabbitMQ with Java and Spring
14 Hours
This instructor-led live training in the UAE (online or onsite) is aimed at software architects and web developers who wish to use RabbitMQ as a messaging middleware and program in Java using Spring to build applications.
By the end of this training, participants will be able to:
- Use Java and Spring with RabbitMQ to build applications.
- Design asynchronous message-driven systems using RabbitMQ.
- Create and apply queues, topics, exchanges, and bindings in RabbitMQ.
Spring Boot, React, and Redux
14 Hours
This instructor-led, live training in the UAE (online or onsite) is aimed at web developers who wish to build functional front-end and back-end web applications with Spring Boot, React, and Redux.
By the end of this training, participants will be able to:
- Build a front-end application with React and Redux.
- Create RESTful APIs with Spring Boot.
- Secure web services with Spring Security and JWT.
Spring 5
21 Hours
This instructor-led live training, offered in the UAE (online or on-site), is intended for Java developers aiming to utilize the Spring 5 framework for developing and deploying enterprise web applications.
By the conclusion of this training, participants will be able to:
- Install and configure Spring 5.
- Understand and implement the latest features of Spring 5.
- Access databases via Spring applications.
- Employ the new reactive web framework, WebFlux, to build reactive applications.
- Integrate Spring applications with legacy Java EE environments.
- Test and deploy enterprise-standard Spring applications.
Spring Basics with Spring Boot 3.5.5 and Java 21
14 Hours
Spring is a robust Java framework designed to simplify enterprise application development through powerful dependency injection, a modular architecture, and streamlined configuration capabilities.
This instructor-led live training, available online or onsite, is tailored for beginner-level Java developers aiming to build modern, production-ready web applications using the latest Spring Framework and Spring Boot 3.5.5 alongside Java 21.
Upon completing this training, participants will be able to:
- Grasp Spring’s core principles, including IoC, DI, and AOP.
- Configure Spring applications using XML, annotations, and JavaConfig.
- Develop RESTful services leveraging Spring Boot and JPA.
- Implement CRUD operations, manage transactions, and handle data persistence.
- Utilize advanced Spring features such as profiles, exception handling, and data serialization.
Course Format
- A concise theoretical overview followed by extensive practical exercises.
- Hands-on implementation using real-world scenarios.
- Interactive discussions and guided troubleshooting sessions.
Customization Options
- For tailored training requirements, please contact us to make arrangements.
Spring WebFlux: Reactive Programming for Scalable Web Applications
35 Hours
Spring WebFlux is a reactive programming module within the Spring Framework, designed to facilitate the creation of non-blocking, event-driven web applications.
This instructor-led live training, available either online or onsite, targets beginner to intermediate Java developers aiming to construct scalable and responsive applications utilizing Spring WebFlux.
Upon completing this training, participants will be equipped to:
- Grasp the core principles of reactive programming using Project Reactor.
- Develop and test non-blocking RESTful APIs leveraging Spring WebFlux.
- Seamlessly integrate WebFlux with databases and external services.
- Apply reactive design patterns to practical application scenarios.
Course Format
- Engaging lectures accompanied by group discussions.
- Extensive exercises and practical sessions.
- Live laboratory implementation exercises.
Customization Options
- For tailored training requests, please reach out to us to make arrangements.
Spring Webflux
14 Hours
This instructor-led, live training in the UAE (online or onsite) is designed for developers seeking to utilize WebFlux for developing and deploying reactive applications.
Upon completion of this training, participants will be able to:
- Install and configure Spring 5 and the WebFlux framework.
- Develop reactive applications and services.