Secure Java Coding - Lifecycle
Summary:
Secure Java Coding - Lifecycle is a hands-on, lab-intensive Java security, code-level training course that teaches students the best practices for designing, implementing, and deploying secure programs in Java. Students will take an application from requirements through to implementation, analyzing and testing for software vulnerabilities. This course explores well beyond basic programming skills, teaching developers sound processes and practices to apply to the entire software development lifecycle. Perhaps just as significantly, students learn about current, real examples that illustrate the potential consequences of not following these best practices. This course is short on theory and long on application, providing students with in-depth, code-level labs.Security experts agree that the least effective approach to security is "penetrate and patch". It is far more effective to "bake" security into an application throughout its lifecycle. After spending significant time trying to defend a poorly designed (from a security perspective) web application, developers are ready to learn how to build secure web applications starting at project inception. The final portion of this course builds on the previously learned mechanics for building defenses by exploring how design and analysis can be used to build stronger applications from the beginning of the software lifecycle.
Duration:
4 Days/Lecture & Lab
Audience:
This is an intermediate-level Java programming course designed for application project stakeholders who wish to get up and running on developing well defended Java applications.
Topics:
- Defensive Coding Overview
- Vulnerabilities
- Java Security Fundamentals
- Cryptography Overview
- Code Location-Based Security
- User-based J2SE Security
- Java Network Security
- Code Level Security Best Practices
- Enterprise Security
- Defending XML Processing
- Secure Software Development (SSD)
- Security Testing
Prerequisites:
Familiarity with the Java programming language is required, and real world programming experience is highly recommended.
Last Update: May 23, 2012
