Writing Secure Code - Java (J2EE)

View Course Syllabus  Enroll Now  

 

Software insecurity has become one of the biggest security concerns facing organizations today. As hackers turn their attention to the software and applications that make up an organization’s IT infrastructure, people are realizing that the best way to protect that infrastructure is by building secure software and writing secure code.

This course qualifies for up to 32 hours of CPE for CISSP/SSCP.

What Will You Learn?

Understand the key security features of the J2EE platform, the common web security pitfalls developers make and how to build secure and reliable web applications using Java. Students are lead through hands on code examples that highlight issues and prescribe solutions.

All students are challenged with real world examples which are reinforced by practical and realistic code level lab exercises. The course uses Hacme Bookstore™, a web security training application written by Foundstone and the sister application to Hacme Bank™. Students are required to fix known issues during the first three days during labs and then renovate the entire bookstore’s code during the final workshop day.

All instruction is taught around JDK 1.4+. Where appropriate older version features are described for completeness.

Why Do We Teach This?

Implementing traditional security countermeasures is becoming less effective at protecting organization’s critical assets. Flaws in poorly developed software are open invitations to malicious intruders who are adept at identifying programming flaws. Developers must learn how to avoid introducing vulnerabilities and implement security measures effectively into their code.

Who Teaches the Course?

Foundstone software security instructors are software developers who have performed hundreds of software audits, code reviews and have ran software security programs at major financial services companies. They have managed security programs at the Big 5 accounting firms, the United States Air Force, and on Wall Street and are frequent authors and public speakers. Most importantly they are professional software developers themselves.

Who Should Take the Course?

This course is for professional software developers or software security auditors who have been working with the .J2EE framework for at least 1 year. A comprehensive knowledge of the J2EE framework, the Java language, and web technology is required.

What Do You Get?

Includes the use of an individual dual-boot Windows laptop for use during the course, use of the lab network and computers, a course book and lab exercise book. All code used in the class including Hacme Bookstore is also available, subject to licenses restrictions.

If you have questions about Ultimate Hacking: Hands On courses, please e-mail us at training@foundstone.com or call 877.91.FOUND.

home | services | company | education | resources | contact | privacy policy | site map | McAfee.com