About the course
Even experienced Java programmers are not mastering by all means the various security services offered by Java, and are likewise not aware of the different vulnerabilities that are relevant for Web applications written in Java.
The course – besides introducing security components of Standard Java Edition – deals with security issues of Java Enterprise Edition (JEE) and Web services. Discussion of specific services is preceded with the foundations of cryptography and secure communication. Various exercises deal with declarative and programmatic security techniques in JEE, while both transport-layer and end-to-end security of Web services is discussed. The use of all components is presented through several practical exercises, where participants can try out the discussed APIs and tools for themselves.
Upon completion of this course, you will be able to:
* Understand basic concepts of security, IT security, cryptography and secure coding
* Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
* Understand security solutions of JEE and learn Web services security
* Learn to use various security features of the Java development environment
* Get information about some recent vulnerabilities in Java framework
* Learn about typical coding mistakes and how to avoid them
* Get sources and further reading on secure coding practices