• Secure coding in Java

  • Group Training

    In recent years, secure coding has become one of the most important focal points in application development. This training helps you to make your Java code ready for security audits.

    Training code: CGASECCJCE
    Spoken Language: English
    Language Materials: English
    Dayparts: 6
    Price: €2.100,00 excl. VAT. No extra costs.

    In group training, we use several learning methods to help you obtain the knowledge, give you helpful insights and get you inspired. Check the Spoken language and Language materials on the left for language info.

    • 7-10-2024
      Utrecht
      €2.100,00
     

    What is Secure coding in Java

    Secure coding in Java means writing Java code that is free from the most common security risks.
    In application development, security requirements play an important role in all parts of the process. Some of these requirements must be handled by Java developers. It is therefore important to be able to identify those components that may pose a higher risk and to be able to mitigate these risks by using proven solutions (i.e. from the OWASP site).
    By the end of this course participants will be able to:

    • Identify code components that may be subject to security weaknesses.
    • Mitigate security risks by using proven solutions.
    • Build a Java web application that is protected against most common security threats.
     
     

    Who should attend Secure coding in Java

    Any Java developer who contributes to building a Java web application where risk mitigation is an important requirement.

    Prerequisites

    Java developer
    During this training you need a laptop on which you can install software: IntelliJ IDEA – The Leading Java and Kotlin IDE (https://www.jetbrains.com/idea/download).

    Objectives

    • The participant can explain the benefits of security
    • The participant can explain the importance of using SSD
    • The participant can explain why companies need to comply with security standards
    • The participant can explain the concept of RSA encryption
    • The participant can explain the use of SSL
    • The participant can explain the concept of certificates in SSL
    • The participant can explain the use of certificates for website identification
    • The participant can explain the use of certificates for signing content
    • The participant can generate a self-signed certificate
    • The participant can explain and implement the concept of hashing
    • The participant can explain the difference between hashing and encryption
    • The participant can explain the need for GDPR and identify GDPR sensitive data
    • The participant can explain why companies need to comply with GDPR
    • The participant can use the OWASP site for identifying security vulnerabilities and risks
    • The participant is familiar with the top 10 vulnerabilities on the OWASP site
    • The participant can explain the concept of injection attacks
    • The participant can explain the concept of sanitizing user input
    • The participant can explain the concept of XSS attacks
    • The participant can explain the concept of XXE attacks
    • The participant can explain the concept and use of security headers to prevent attacks
    • The participant can explain the concept of basic authentication
    • The participant can implement basic authentication
    • The participant can explain the concept of form-based authentication
    • The participant can implement form-based authentication
    • The participant can explain the concept of authorization
    • The participant can implement authorization
    • The participant can explain the concept of OAuth 2
    • The participant can implement OAuth 2
    • The participant can explain the concept of a CSRF token
    • The participant can implement the use of a CSRF token
    • The participant can explain the concept of an IDP
    • The participant can explain the concept of a JWT
    • The participant can implement a JWT
    • The participant can explain the importance of logging security-related events
    • The participant can explain the importance of NOT logging GDPR-related events
    To participate in this training, you should bring your own laptop and be able to install software on it.

     
    Incompany

    With an Incompany training you have several advantages:

    - You choose the location
    - You experience the training with your colleagues, so it is always in line with your practice
    - The trainer can tailor explanations, examples and assignments to your organization
    - In consultation, exercises can be adapted to organization-specific questions

    Request more information or a quote.

     

     
  • Related

    Fields of Expertise
    Software Engineering
     
  • e-CF competences with this course

     

    At Capgemini Academy we believe in transparency and clarity in the training landscape. That is why, in the table below, we show you to which e-CF competence this training or certification contributes.

    e-Competence (Level 1 2 3 4 5)
    D.1. Information Security Strategy Development
    B.1. Application Development