Java Servlet, JSP and JBDC Fundamentals Training Course

Teaches attendees the fundamentals of administering Apache Tomcat and other Java EE environments.

The course is a mixture of lectures and hands-on exercises. Delegates learn by doing, with immediate opportunities to apply the material they learn to real-world problems.

This instructor-led, live training in the US (online or onsite) covers the essentials of installing, configuring, securing, optimizing and managing a Resin application server.

By the end of this training, participants will be able to:

• Have a firm understanding of Resin's architecture, features and capabilities.
• Have the practice needed to deploy and manage their own Resin application server.

Undertow is a lightweight web server written in Java. It is used by JBoss's WilfFly internally and is popular as an embedded web server for JVM-based applications.

In this course, participants will learn how to set up an Undertow web server as a standalone and embedded web server.

By the end of the course, participants will have an understanding of Undertow's architecture, features and capabilities and will be able to:

• Deploy and manage an Undertow server in standalone as well as embedded mode
• Embed Undertow into application code using Undertow's embedded APIs
• Integrate Undertow into a Wildfly Application Server
• Set up Undertow as the embedded servlet container for Spring Boot

Audience

• System administrators
• Enterprise web application developers
• DevOps engineeers
• Developers

Format of the course

• Part lecture, part discussion, exercises and heavy hands-on practice

This course teaches the practical use of Hibernate for persisting Java objects in a relational database.

Applications for the Android platform are developed primarily in Java. This course was developed for software programmers with a strong OOP background (whether in PHP, Scala, C++, C# or Objective C) that plan to learn how to develop Java applications for the android platform. This course covers the Java programming language grammar and focuses on those specific Java capabilities the android platform uses more than others.

JUnit is a framework to write repeatable tests and do unit testing for Java language.

During the training participant will know the specific use of selected issues, the basic problems encountered when using them, and the role of the application model. The training also includes a basic knowledge of the language standard library functions. Training requires knowledge of the development environment IDE used to build Java applications (e.g.. Eclipse, Netbeans). Training does not include a user interface issues.

The course covers the basics of Java development and introduces the Apache Maven software project management and comprehension tool.

Description

The Java language and the Runtime Environment (JRE) was designed to be free from the most problematic common security vulnerabilities experienced in other languages, like C/C++. Yet, software developers and architects should not only know how to use the various security features of the Java environment (positive security), but should also be aware of the numerous vulnerabilities that are still relevant for Java development (negative security).

The introduction of security services is preceded with a brief overview of the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. The use of these components is presented through several practical exercises, where participants can try out the discussed APIs for themselves.

The course also goes through and explains the most frequent and severe programming flaws of the Java language and platform, covering both the typical bugs committed by Java programmers and the language- and environment-specific issues. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Get sources and further readings on secure coding practices

Audience

Developers

Description

Beyond solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks.

General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5.

The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. The use of all components is presented through practical exercises, where participants can try out the discussed APIs and tools for themselves.

Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

Even experienced Java programmers are not mastering by all means the various security services offered by Java, and are likewise not aware of the different vulnerabilities that are relevant for web applications written in Java.

The course – besides introducing security components of Standard Java Edition – deals with security issues of Java Enterprise Edition (JEE) and web services. Discussion of specific services is preceded with the foundations of cryptography and secure communication. Various exercises deal with declarative and programmatic security techniques in JEE, while both transport-layer and end-to-end security of web services is discussed. The use of all components is presented through several practical exercises, where participants can try out the discussed APIs and tools for themselves.

The course also goes through and explains the most frequent and severe programming flaws of the Java language and platform and web-related vulnerabilities. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Understand security concepts of Web services
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Understand security solutions of Java EE
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

Beyond solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks.

General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5.

The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. Security issues of Java Enterprise Edition are presented through various exercises explaining both declarative and programmatic security techniques in JEE.

Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Understand security concepts of Web services
• Understand security solutions of Java EE
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

To serve in the best way heterogeneous development groups that are using various platforms simultaneously during their everyday work, we have merged various topics into a combined course that presents diverse secure coding subjects in didactic manner on a single training event. This course combines C/C++ and Java platform security to provide an extensive, cross-platform secure coding expertise.

Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation.

Security components and service of Java are discussed by presenting the different APIs and tools through a number of practical exercises where participants can gain hands-on experience in using them. The course also covers security issues of web services and the related Java services that can be applied to prevent the most aching threats of the Internet based services. Finally, web- and Java-related security vulnerabilities are demonstrated by easy-to-understand exercises, which not only show the root cause of the problems, but also demonstrate the attack methods along with the recommended mitigation and coding techniques in order to avoid the associated security problems.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Realize the severe consequences of unsecure buffer handling
• Understand the architectural protection techniques and their weaknesses
• Learn about typical coding mistakes and how to avoid them
• Be informed about recent vulnerabilities in various platforms, frameworks and libraries
• Get sources and further readings on secure coding practices

Audience

Developers