• Home

  • Documents

  • Writing Secure Java Code - Application security made easy...Writing Secure Java Code – SS202 This...
2
Writing Secure Java Code – SS202 This technical course covers a wide range of application security topics related to Java applications. During this hands-on course, students will examine actual Java code, tools, and other resources that help them understand how hackers think, the techniques they use to attack their applications and the best countermeasures they can use to mitigate the risk of those attacks. Target Audience § Java Software Developers § Technical Leads § Software Architect Course Requirements & Prerequisites § Application Security Fundamentals – SS101 § Intermediate to expert understanding of the web as well as the HTTP protocol. § Intermediate to expert experience with web development technologies such as HTML, CSS, JavaScript, SQL, etc § Students are required to bring their own laptops with a minimum of 4 GB RAM installed. § VMware Workstation / Fusion / VirtualBox installed. § At least 60 GB HD free § Wired Network Support § USB 2.0/3.0 Support Writing Secure Java Code SS-202 “This was a great class! The instructor is quite knowledgeable and makes the classes fun and informative. He is open to questions and tries to answer every one of them. Sherif is a joy!” Keith Cooper – Elavon 2 Days Course

Writing Secure Java Code - Application security made easy...Writing Secure Java Code – SS202 This technical course covers a wide range of application security topics related to Java

  • Upload
    others

  • View
    10

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Writing Secure Java Code - Application security made easy...Writing Secure Java Code – SS202 This technical course covers a wide range of application security topics related to Java

Writing Secure Java Code – SS202

This technical course covers a wide range of application security topics related to Java applications. During this hands-on course, students will examine actual Java code, tools, and other resources that help them understand how hackers think, the techniques they use to attack their applications and the best countermeasures they can use to mitigate the risk of those attacks.

Target Audience § Java Software Developers § Technical Leads § Software Architect

Course Requirements & Prerequisites § Application Security Fundamentals – SS101 § Intermediate to expert understanding of the web as well as the HTTP protocol. § Intermediate to expert experience with web development technologies such as HTML, CSS, JavaScript, SQL, etc § Students are required to bring their own laptops with a minimum of 4 GB RAM installed. § VMware Workstation / Fusion / VirtualBox installed. § At least 60 GB HD free § Wired Network Support § USB 2.0/3.0 Support

Writing Secure Java Code SS-202

“This was a great class! The instructor is quite knowledgeable and makes the classes fun and informative. He is open to questions and tries to answer every one of them. Sherif is a joy!”

Keith Cooper – Elavon 2 Days Course

Page 2: Writing Secure Java Code - Application security made easy...Writing Secure Java Code – SS202 This technical course covers a wide range of application security topics related to Java

Writing Secure Java Code – SS202

Course Contents § Introduction § Attacking & Securing Data Storages:

o SQL Injection o XML Injection o XPath Injection o Parameterization o Secure Stored Proc Usage

§ Attacking & Securing OS Calls o Path manipulation o Secure File Upload o Command Injection o Secure OS system calls

§ Attacking & Securing User Input o The 6 contexts of cross-site scripting o Whitelisting vs. blacklisting o Using RegEx in Java

§ Attacking & Securing Authentication and Authorization o Designing secure authentication process o Designing secure authorization process o Using Spring security to secure authentication and authorization

§ Attacking & securing the software security supply chain § Exploiting & preventing cross-site request forgery using the synchronizer pattern § Attacking & securing direct object reference using indirect reference maps § Implementing secure cryptography § Securing the transport layer § Exception management and error handling § Securing redirect and forwards § Overview of a secure software development lifecycle. § Quick overview of effective security code review techniques. § Conclusion and closeout remarks


Secure Computing With Java

Secure Computing With Java

Technology
Secure Coding For Java - Une introduction

Secure Coding For Java - Une introduction

Engineering
Writing modular java script

Writing modular java script

Technology
Secure Coding Standard for Java

Secure Coding Standard for Java

Education
Making the Future Secure with Java

Making the Future Secure with Java

Documents
Writing Secure Code in Oracle

Writing Secure Code in Oracle

Documents
Secure Coding in Java and .NET

Secure Coding in Java and .NET

Documents
Secure Code Review Java

Secure Code Review Java

Documents
JavaOne2013: Secure Engineering Practices for Java

JavaOne2013: Secure Engineering Practices for Java

Technology
ACOSJ Secure Java Card Platform - Advanced Card … · ACOSJ . Secure Java Card Platform. A Product ... • Applications written in Java and can run on any Java Card ... ACOSJ Architecture

ACOSJ Secure Java Card Platform - Advanced Card … · ACOSJ . Secure Java Card Platform. A Product ... • Applications written in Java and can run on any Java Card ... ACOSJ Architecture

Documents
Pci compliance writing secure code

Pci compliance writing secure code

Technology
ESET Secure Authentication Java SDK

ESET Secure Authentication Java SDK

Documents
Making All Client Side Java Secure

Making All Client Side Java Secure

Documents
Writing Secure Web Applications

Writing Secure Web Applications

Documents
Secure Coding for Java - An Introduction

Secure Coding for Java - An Introduction

Technology
Java Secure Coding Practices

Java Secure Coding Practices

Engineering
Introduction to Programming Writing Java Beginning Java Programs

Introduction to Programming Writing Java Beginning Java Programs

Documents
Secure Messaging Extension User’s Guide (Java) · Secure Messaging Extension User’s Guide Release 4.5.2 Java Version. ... The Secure Messaging Extension performs the encryption

Secure Messaging Extension User’s Guide (Java) · Secure Messaging Extension User’s Guide Release 4.5.2 Java Version. ... The Secure Messaging Extension performs the encryption

Documents
Developing Secure Java Web Services, Java EE 6edu.fors.ru/toc/2011/D66105GC10_TOC.pdfDeveloping Secure Java Web Services, Java EE 6 ... 1.14 Message Digests .....1-30 ... A.15 Identity

Developing Secure Java Web Services, Java EE 6edu.fors.ru/toc/2011/D66105GC10_TOC.pdfDeveloping Secure Java Web Services, Java EE 6 ... 1.14 Message Digests .....1-30 ... A.15 Identity

Documents
Writing Portable WebSockets in Java

Writing Portable WebSockets in Java

Technology
Java Secure Socket

Java Secure Socket

Documents
Java secure development part 3

Java secure development part 3

Software
Writing secure iOS applications

Writing secure iOS applications

Documents
Writing Secure WordPress Code

Writing Secure WordPress Code

Technology
JSIM (Java Secure Instant Messenger)

JSIM (Java Secure Instant Messenger)

Documents
Writing Secure Java Code: A Taxonomy of Heuristics and an ...warebuilt.com/wp-content/uploads/2016/09/ware-writing...writing secure code can be correlated with design principles, principles

Writing Secure Java Code: A Taxonomy of Heuristics and an ...warebuilt.com/wp-content/uploads/2016/09/ware-writing...writing secure code can be correlated with design principles, principles

Documents
Chapter 2: Writing Java Programs Java Programming FROM THE BEGINNING 1 Chapter 2 Writing Java Programs

Chapter 2: Writing Java Programs Java Programming FROM THE BEGINNING 1 Chapter 2 Writing Java Programs

Documents
Secure java script-for-developers

Secure java script-for-developers

Education
Secure Coding Guidelines for Java SE

Secure Coding Guidelines for Java SE

Documents
Java – Secure Application Manager · 2015 e ee t eee 3 Java – Secure Application Manager how-to document Introduction: The Java version of the Secure Application Manager provides

Java – Secure Application Manager · 2015 e ee t eee 3 Java – Secure Application Manager how-to document Introduction: The Java version of the Secure Application Manager provides

Documents