Secure Web App Development Overview - Java / JEE from CDW

Course Overview

Overall Proficiency Level

2 - Intermediate

Course Prerequisites

Familiarity with Java and JEE is required.
Real world programming experience is highly recommended.
Ideally students should have approximately 6 months to a year of Java and JEE working knowledge.

Training Purpose

Management Development

Skill Development

Specific Audience

All

Delivery Method

Classroom

Online, Instructor-Led

Course Locations

8890 McGaw Road
Suite 200
Columbia, MD 21045

625 W Adams Street
Chicago, IL 60661

5908 Headquarters Drive
Suite 400
Plano, TX 75024

201 N Franklin St
Floor 37
Tampa, FL 33602

40 E. Rio Salado Parkway
Suite 200
Tempe, AZ 85281

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

Classroom
Online, Instructor-Led

Learning Objectives

Ensure that any hacking and bug hunting is performed in a safe and appropriate manner
Identify defect/bug reporting mechanisms within their organizations
Work with specific tools for targeted vulnerabilities
Avoid common mistakes that are made in bug hunting and vulnerability testing
Understand the concepts and terminology behind defensive, secure coding including the phases and goals of a typical exploit
Develop an appreciation for the need and value of a multilayered defense in depth
Understand potential sources for untrusted data
Understand the consequences for not properly handling untrusted data such as denial of service, cross-site scripting, and injections
To test web applications with various attack techniques to determine the existence of and effectiveness of layered defenses
Prevent and defend the many potential vulnerabilities associated with untrusted data
Understand the vulnerabilities of associated with authentication and authorization
Detect, attack, and implement defenses for authentication and authorization functionality and services
Understand the dangers and mechanisms behind Cross-Site Scripting (XSS) and Injection attacks
Detect, attack, and implement defenses against XSS and Injection attacks
Understand the risks associated with XML processing, file uploads, and server-side interpreters and how to best eliminate or mitigate those risks
Learn the strengths, limitations, and use for tools such as code scanners, dynamic scanners, and web application firewalls (WAFs)
Understand techniques and measures that can used to harden web and application servers as well as other components in your infrastructure
Recognize and characterize existing and planned defensive controls
Relate controls and activities to the phases of a typical exploit
Understand and implement the processes and measures associated with the security development lifecycle (SDL)
Identify appropriate security objectives and regulations including evolving privacy considerations
Develop a list of risk escalators as well as potential mitigations based on an understanding of vulnerabilities
Recognize design features that can significantly increase an application’s attack surface
Build an asset inventory and begin the process of prioritizing their value
Work with a baseline asset inventory to develop an initial asset inventory for a software application
Understand and apply defensive options to data assets

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Secure Web App Development Overview - Java / JEE

Course Overview

Learning Objectives

Framework Connections

Competency Areas

Work Roles

Feedback