NEW!
Secure Java Coding Training
(FW1095)
3 Day Course
Java Secure Coding is a hands-on, lab-intensive Java security, code-level training course that teaches students the best practices for designing, implementing, and deploying secure programs in Java. Students will take an application from requirements through to implementation, analyzing and testing for software vulnerabilities. This course explores well beyond basic programming skills, teaching developers sound processes and practices to apply to the entire software development lifecycle. Perhaps just as significantly, students learn about current, real examples that illustrate the potential consequences of not following these best practices. This course is short on theory and long on application, providing students with in-depth, code-level labs.
A key component to our Best Defense IT Security Training Series, this workshop is a companion course with several developer-oriented courses and seminars. Although this edition of the course is Java-specific, it may also be presented using .Net (TT8200-N) or other programming languages.
Students who attend Secure Java Coding will leave the course armed with the required skills to recognize software vulnerabilities (actual and potential) and implement defenses for those vulnerabilities. This course quickly introduces developers to the various types of threats against their software.
The concept and process of Threat Modeling is introduced as a key enabler for implementing effective and appropriate security for software and information assets. This course includes coverage of the many security-related technologies and APIs that exist in the Java world.
Working in a hands-on, dynamic learning environment, let our expert security team, attendees will learn to:
- Understand the concepts and terminology behind defensive coding
- Understand and use Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets
- Learn the entire spectrum of threats and attacks that take place against software applications in todays world
- Use Threat Modeling to identify potential vulnerabilities in a real life case study
- Perform both static code reviews and dynamic application testing to uncover vulnerabilities in Java applications
- Understand the vulnerabilities of the Java programming language and the JVM as well as how to harden both
- Understand and work with Java 2 platform security to gain an appreciation for what is protected and how
- Understand the role that Java Authentication and Authorization Service (JAAS) has in Java applications
- Use JAAS in conjunction with a Java application for both authentication and authorization
- Understand the basics of Java Cryptography (JCA) and Encryption (JCE) and where they fit in the overall security picture
- Understand the fundamentals of XML Digital Signature and XML Encryption
This class is "technology-centric", designed to train attendees in essential secure coding and development skills, coupling the most current, effective techniques with the soundest industry practices. This workshop is about 50% dynamic lab exercises and 50% lecture.
The course provides a solid foundation in basic terminology and concepts, extended and built upon throughout the engagement. Students will examine various recognized attacks against web applications. Processes and best practices are discussed and illustrated through both discussions and group activities.
The second portion of the course steps through a series of vulnerabilities illustrating in very real terms the right way to implement secure web applications. The last portion of the course examines several design patterns that can be used to facilitate better application architecture, design, implementation, and deployment.
|
|
Pre-Class
- Verify your learning Objectives
During-Class
- Capture Tools, Q&A, demos and white boards
- Screen Sharing
|
- Feedback on Lab work
- On-the-fly Adjustments to meet your needs
After-Class
|
| Onsite Setup Instructions
| |
PC Requirements:
In order to participate in the class you must meet the minimum PC requirements listed below.
- Hardware: Intel-based machine (Pentium III or better) with at least 10G free disk space
- O/S: Windows 2000, Windows XP or Windows Vista
- RAM / Disk Space: 800MHz processor; 2 GB RAM
- Internet: High speed internet access
- Browser: Microsoft Internet Explorer 6.0 or later versions, Firefox V1.5 or later versions.
- Monitor: Minimum 800 X 600 resolution; High color (16 bit) display definition
- Audio: Headset, or microphone and earphones (Headset is provided in Student Kit)
- Course Software:
- Installing AT&T Connect - Approximately 4-5 days before the start date of the class you will receive an email with instructions for installing the AT&T Connect client.
- Using the LoadNGo - All course software (except AT&T Connect) and labs are included on the LoadNGo DVD (see above for more information on the LoadNGo)
|
|
|
| Remote Access Available
| |
Secure Java Coding Training is now available as a remote access course.
You can now take open enrollment courses in our Los Angeles and Boston facilities without traveling. Remote Access to our ongoing schedule of instructor-led courses will allow you to fully participate real-time in expert-level lectures, demos and labs that have made DevelopMentor a leader in software development training. We've added new collaboration tools and prepared our instructors for remote students in class so you will be fully engaged in the learning process.
|
|
|
| Mentoring
| |
Quickly assimilate what you learn in Secure Java Coding Training and apply it to your project by taking advantage of our Mentoring services.
Our dedicated mentors facilitate your team's development. We add value to your business by enhancing the talent of your employees and maximizing their productivity. Mentors integrate the methodologies, technologies and practical experiences of the classroom through an on-the-job and on-the-project experience that produces real-world results.
|
|
|
| Onsite
| |
Secure Java Coding Training is also available as an onsite course.
If you have a group of people to train, an on-site course, delivered at your facility may be the most cost-effective solution for you. Our staff will work with your team to plan and produce the best possible result based on your team's size, experience levels, project needs and longer-term goals. We can structure a training course, or broader program, tailored to meet the specific needs of your organization. We'll make sure that any lab exercises run on the platform you use and we can tailor the lab exercises to be appropriate to your business. If you prefer to focus on just the pure technological principles, we can also deliver courses at your facility following the same format as our public curriculum.
|
|
|
| About the Author
| |
|
|
|