Secure Java Web Application Development Lifecyle (SDL) is a lab-intensive, hands-on Java / JEE security course. This training is essential for experienced enterprise developers who need to engineer, maintain, and support secure JEE-based web applications. In addition to teaching basic secure programming skills, this course digs deep into processes and practices that apply to the entire software development lifecycle.
Students will thoroughly examine best practices for defensively coding web applications, including XML processing, rich interfaces, and both RESTful and SOAP-based web services. Students will repeatedly attack and then defend various assets associated with fully-functional web applications and web services. This hands-on approach drives home the mechanics of how to secure JEE web applications in the most practical of terms.
Security experts agree that the least effective approach to security is “penetrate and patch”. It is far more effective to “bake” security into an application throughout its lifecycle. After spending significant time trying to defend a poorly designed (from a security perspective) web application, developers are ready to learn how to build secure web applications starting at project inception. The final portion of this course builds on the previously learned mechanics for building defenses by exploring how design and analysis can be used to build stronger applications from the beginning of the software lifecycle.
This workshop is a key component to our Best Defense IT Security Training Series. Although this edition of the course is Java-specific, it may also be presented using .Net or other programming languages.
This course is also available on our public schedule via Live Virtual Classroom: