21 hours (usually 3 days including breaks)
- Experience with Java.
- Experience of creating web applications.
This course covers secure coding concepts and principles with Java through the Open Web Application Security Project (OWASP) methodology of testing. The Open Web Application Security Project is an online community which creates freely available articles, methodologies, documentation, tools, and technologies in the field of web application security.
- understand the web Threats and Attack Vectors
- know the Secure Design Principles
- understand OWASP Top 10 attacks
- understand the Authentication and Authorization problems
- know how to prevent Cross-Site Scripting
- know how to prevent Cross-Site Request Forgery
- understand the secure Development Cycle
- know how to prevent Injection Attacks
- understand the protections in JDBC and JPA
- understand the Penetration Testing methodologies
- know how to secure Java Applications
The OWASP overview, especially slides with the specific examples of attacks. OWASP Zap tool.
I saw some security risk being easier to use than I expected. It helped us to find some security holes in our Product.