Java Security Fundamentals

Course Description

No matter what product or service you’re building, understanding Java platform security is an essential foundation. In this course, you’ll learn platform security concepts along with practical security knowledge you can immediately apply to your own project. You’ll write secure code using platform APIs and identify common mistakes. This course is beneficial whether you’re building desktop applications, web applications, service infrastructure, the Internet of Things (IoT), or embedded applications.

Learning Objectives

Tackle Java platform security concepts and architecture
Implement public key infrastructure (PKI) and Java trust management concepts
Write secure code using Java SE APIs
Avoid common platform security pitfalls

Details

Delivery Format: eLearning

Duration: 1 Hour

Level: Beginner

Intended Audience:

Front-End Developers
Back-End Developers
Architects

Prerequisites: None

Course Outline

Introduction

Security Libraries

Platform Security

Strong Data Typing
Automated Garbage Collection
Secure Class Loading
Bytecode Verification
Exception Handling

Operational Concerns—Java Platform Security

SDLC Security
Strategic Design for Security
Certify Your Software Against Supported Java Runtime Environments (JREs)
Principles of Least Privilege (POLP)
Secure by Default

Data Validation

Sanitization and Validation
Security Validation: Blacklisting and Whitelisting

Logging

Getting Started with Logging
Logging Domains
Logging Security Use Cases
Design, Implementation, and Testing Considerations
Events to Log
Event Attributes
Security Logging with OWASP
Logging Technology

Advanced Coding Concept

Avoid String for Volatile Secrets
Avoid Deserializing Objects From Untrusted Sources
Java Native Interface (JNI) Bypasses Platform Safety Controls and Buffer Overflows
XEE/XXE XML Attacks

Course Description

Learning Objectives

Details

Course Outline

Get more course information

Corporate Headquarters

Customer Support

Worldwide Location

Legal