SECURE JAVA CODE
Master the secure Java development techniques needed to build applications that withstand attacks. The course is based on the work and recommendations of the OWASP project (Open Web Application Security Project), which describes the most common vulnerabilities detected in applications.
AGENDA
• Introduction to secure code development
• Critical sections of an application
• OWASP Top 10 and ASVS
• Injection errors (SQL injection, OS command injection, XSS, CSRF, etc.)
• Authentication control (password storage, password hashing, brute force)
• Session control
• Data leakage (insufficient authorisation control, disclosure of information in error messages, path traversal)
• Cryptographic controls (encryption types, certificates, keystores, key management, etc.)
• Secure deserialisation
• XXE
GENERAL INFORMATION
Advanced-level course
Mode: On-site and online training
Duration: 3 days (16 hours) on-site mode / 2 months online mode