Platform: Web
Audience: Java developers working on Web applications
Preparedness: General Java and Web development
Standards and references: OWASP, SEI CERT, CWE and Fortify Taxonomy
Description
The course provides a comprehensive exploration of secure coding principles and practices tailored specifically for Java developers. Starting off from the foundations of cybersecurity, you will understand the consequences of insecure code by examining threats through the lens of the CIA triad.
In the main part of the material, you will systematically walk through the various vulnerabilities outlined in the OWASP Top Ten. As you progress through the modules, from investigating the intricacies of authentication and authorization, through the practical aspects of cryptography, to tackling injection attacks, you will gain a deep understanding of both the theoretical concepts and the practical skills needed to secure Java web applications. Further subjects are aligned with some common software security weakness types, such as error handling, code quality or denial of service.
These modules go beyond just the theory. Not only do they identify vulnerabilities, show their consequences, and detail the best practices, but – through hands-on labs and real-world case studies – they offer practical experience in identifying, exploiting, and mitigating these security risks within Java-based web applications.
So that you are prepared for the forces of the dark side.
So that nothing unexpected happens in your code.
Nothing.
Note: This course content is available as an e-learning subscription. We reserve a period of 3 months to digest the foundational material, after which we activate shorter learning units on a monthly basis. This gives secure coding efforts an initial boost, and builds up sustained readiness over time. These learning units are indicated in red in the table of contents below.