Fast Track to Securing Java / JEE Web Applications is a lab-intensive, hands-on Java / JEE security training course, essential for experienced enterprise developers who need to engineer, maintain, and support secure JEE-based web applications. In this course, students thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities (such as file uploads, CSRF and direct object references). Students will repeatedly attack and then defend various assets associated with fully functional web applications and services. This hands-on approach drives home the mechanics of how to secure JEE web applications in the most practical of terms.
This course is PCI Compliant. Although this edition of the course is Java-specific, it may also be presented using .Net or other programming languages.
*Ways To Learn*
Students who attend Fast Track to Securing Java / JEE Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities, implement defenses for those vulnerabilities, and test those defenses for sufficiency. This course introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses.
Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux.
Working in a dynamic, lab-intensive hands-on coding environment students will learn to:
Need different skills or topics? If your team requires different topics or tools, additional skills or custom approach, this course may be further adjusted to accommodate. We offer additional Java / JEE, secure coding, development, hacking, database security, bug hunting and other related topics that may be blended with this course for a track that best suits your needs. Our team will collaborate with you to understand your needs and will target the course to focus on your specific learning objectives and goals.
This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge.
Please see the Related Courses tab for specific Pre-Requisite courses, Related Courses that offer similar skills or topics, and next-step Follow-On Courses and Learning Path recommendations.
Please note that this list of topics is based on our standard course offering, evolved from typical industry uses and trends. We’ll work with you to tune this course and level of coverage to target the skills you need most. Course agenda, topics and labs are subject to adjust during live delivery.
Session: Foundation
Lesson: Principles of Information Security
Lesson: Hunting the Bugs
Session: Bug Stomping 101
Lesson: Unvalidated Data
Lesson: A1: Injection
Lesson: A2: Broken Authentication
Lesson: A3: Sensitive Data Exposure
Lesson: A4: XML External Entities (XXE)
Lesson: A5: Broken Access Control
Session: Bug Stomping 102
Lesson: A6: Security Misconfiguration
Lesson: A7: Cross Site Scripting (XSS)
Lesson: A8/9: Deserialization/Vulnerable Components
Lesson: A10: Insufficient Logging and Monitoring
Lesson: Spoofing, CSRF, and Redirects
Session: Moving Forward
Lesson: What's Next?
Student Materials: Each participant will receive a Student Guide with course notes, code samples, software tutorials, step-by-step written lab instructions, diagrams and related reference materials and resource links. Students will also receive the project files (or code, if applicable) and solutions required for the hands-on work. Any courseware of lab materials provided in a cloud (if applicable) will also be made available to you separately.
Hands-On Setup Made Simple! Our dedicated tech team will work with you to ensure our ‘easy-access’ cloud-based course environment is accessible, fully-tested and verified as ready to go well in advance of the course start date, ensuring a smooth start to class and effective learning experience for all participants. We can also help you install this course locally if preferred. Please inquire for details and options.
Every-Course Extras = High-Value & Long-Term Learning Support! All Public Schedule courses include our unique EveryCourse Extras package (Post-Course Resource Site access with Review Labs & Live Instructor Follow-on Support, access to QuickSkills recorded High-Value lessons, Free *Live* Course Refresh Re-Takes, early access to Special Offers, Free Courses & more). Please inquire for details.
Live scheduled classes are listed below or browse our full course catalog anytime
Check out custom training solutions planned around your unique needs and skills.
Exclusive materials, ongoing support and a free live course refresh with every class.
Please see the current upcoming available open enrollment course dates posted below. Please feel free to Register Online below, or call 844-475-4559 toll free to connect with our Registrar for assistance. If you need additional date options, please contact us for scheduling.
Course Title | Days | Date | Time | Price | |
---|---|---|---|---|---|
Fast Track to Securing Java / JEE Web Applications | 3 Days | Mar 29 to Apr 1 | 09:00 AM to 01:00 PM EST | $2,495.00 | Register |
Fast Track to Securing Java / JEE Web Applications | 3 Days | Apr 12 to Apr 15 | 02:00 PM to 06:00 PM EST | $2,495.00 | Register |
Fast Track to Securing Java / JEE Web Applications | 3 Days | May 17 to May 20 | 09:00 AM to 06:00 PM EST | $2,495.00 | Register |
Fast Track to Securing Java / JEE Web Applications | 3 Days | Jun 14 to Jun 17 | 02:00 PM to 06:00 PM EST | $2,495.00 | Register |
Fast Track to Securing Java / JEE Web Applications | 3 Days | Jul 19 to Jul 22 | 09:00 AM to 01:00 PM EST | $2,495.00 | Register |
New Site, BIG Savings!
We're celebrating the launch of our lonnngggg awaited new site with with *50% off all 2021 Public Classes* booked by March 31! Check out our Current Offers for Individuals, Teams and Organizations to Learn for Less!
Special Offers
Limited Offer for most courses.
SAVE 50%