eConsulting Group, Inc.eConsulting Group YouTube VideoseConsulting Group on FacebookAgile Experts Meetup GroupAgile and Project Management Training and Consulting Experts in LinkedIn
PRE1013 - Securing Java Web Applications

PRE1013 - Securing Java Web Applications

Duration: 3 days

Price: $1638.75

Description

This course shows Java web developers how to secure their applications and to apply best practices with regard to secure enterprise coding. Authentication, authorization, and input validation are major themes, and students get good exposure to basic Java cryptography for specific development scenarios, as well as thorough discussions of HTTPS configuration and certificate management, error handling, logging, and auditing. Perhaps the most eye-opening parts of the course concern common web "hacks," or attack vectors. Students see how easy it is to leave an application unguarded against cross-site scripting (XSS), cross-site request forgery (CSRF), SQL injection, and other attack types -- and learn that it's also easy to fix such vulnerabilities and the importance of a secure development process.

Learning Objectives

• Generally, be prepared to develop secure Java web applications, or to secure existing applications by refactoring as necessary.
• Define security constraints and login configurations that instruct the web container to enforce authentication and authorization policies.
• Guard against common web attacks including XSS, CSRF, and SQL injection.
• Validate user input aggressively, for general application health and specifically to foil injection and XSS attacks.
• Configure a server and/or application to use one-way or two-way HTTPS.
• Apply application-level cryptography where necessary.
• Store sensitive information securely, hash user passwords, and understand the importance of salting and of using slow hashing algorithms and processes, to maximize the safety of stored credentials.
• Secure log files and establish audit trails for especially sensitive information or actions.

Method of Delivery

• Onsite/Live class instructions or Online web conference
• Lectures
• Open discussion
• Case studies
• Surveys

eCG Logo XS

Chicago Downtown Location:
20 N. Wacker Dr. Suite 1200
Chicago, IL 60606

Direct: +1 (312) 804-9992
Office: +1 (312) 804-0772
Fax: +1 (312) 803-2223
Toll Free: (866) 482 8275

E-mail: info@ecgmn.com

 

All names and logos are registered trademarks of their respective owners.

eConsulting Group®, Agile Expert™, Business Analyst Expert™, Database Management Expert™, Hands On Project Management™, Healthcare IT Expert™, Human Resource Expert™, Link2Task™, Link2Project™, Management Expert™, Network Security Expert™, Office Management Expert™, Programming Expert™, Project Book™, Project Management Expert™, Project Management Specialist™, Project Manager Master Level™, Project2Market™, Renewable Energy Management Expert™, Six Sigma Expert™, Social Media Expert™, We Build Project Managers™, and Web Development Expert™ are registered certificates and trademarks of eConsulting Group, Inc.

PMI-ACP, PMI, CAPM, PMP, Project Management Professional, and PMBOK® Guide are registered marks of the Project Management Institute, Inc.

GI Bill® is a registered trademark of the U.S. Department of Veterans Affairs (VA). More information about education benefits offered by VA is available at the official U.S. government Web site at https://www.benefits.va.gov/gibill.

Copyright © 2019 eConsulting Group, Inc. All Rights Reserved. Please read our Privacy Policy.

Search