Attacking and Securing Java / JEE Web Applications (TT8320-J)

4.6 out of 5 rating Last updated 14/11/2024 English

Click "Enquire" below to find out more about this course

Interested in available dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.

Duration

4 Days

24 CPD hours

Overview

Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses.
Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux.
This “skills-centric” course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom.

Description

This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms.

Bug Hunting Foundation

Why Hunt Bugs
Safe and Appropriate Bug Hunting/Hacking

Scanning Web Applications

Scanning Applications Overview

Moving Forward from Hunting Bugs

Removing Bugs

Foundation for Securing Applications

Principles of Information Security

Bug Stomping 101

Unvalidated Data
Broken Authentication
Sensitive Data Exposure
XML External Entities (XXE)
Broken Access Control

Bug Stomping 102

Security Misconfiguration
Cross Site Scripting (XSS)
Deserialization/Vulnerable Components
Insufficient Logging and Monitoring
Spoofing, CSRF, and Redirects

Moving Forward with Application Security

Applications: What Next
Making Application Security Real

Additional course details:

Nexus Humans Attacking and Securing Java / JEE Web Applications (TT8320-J) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.

This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.

Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.

While we feel this is the best course for the Attacking and Securing Java / JEE Web Applications (TT8320-J) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you.

Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

FAQ for the Attacking and Securing Java / JEE Web Applications (TT8320-J) Course

Available Delivery Options for the Attacking and Securing Java / JEE Web Applications (TT8320-J) training.

Live Instructor Led Classroom Online (Live Online)
Traditional Instructor Led Classroom (TILT/ILT)
Delivery at your offices in London or anywhere in the UK
Private dedicated course as works for your staff.

How many CPD hours does the Attacking and Securing Java / JEE Web Applications (TT8320-J) training provide?

The 4 day. Attacking and Securing Java / JEE Web Applications (TT8320-J) training course give you up to 24 CPD hours/structured learning hours. If you need a letter or certificate in a particular format for your association, organisation or professional body please just ask.

What is the correct audience for the Attacking and Securing Java / JEE Web Applications (TT8320-J) training?

This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge.

Do you provide training for the Attacking and Securing Java / JEE Web Applications (TT8320-J).

Yes we provide corporate training, dedicated training and closed classes for the Attacking and Securing Java / JEE Web Applications (TT8320-J). This can take place anywhere in UK including, England, Scotland, Cymru (Wales) or Northern Ireland or live online allowing you to have your teams from across UK or further afield to attend a single training event saving travel and delivery expenses.

What is the duration of the Attacking and Securing Java / JEE Web Applications (TT8320-J) program.

The Attacking and Securing Java / JEE Web Applications (TT8320-J) training takes place over 4 day(s), with each day lasting approximately 8 hours including small and lunch breaks to ensure that the delegates get the most out of the day.

Why are Nexus Human the best provider for the Attacking and Securing Java / JEE Web Applications (TT8320-J)?

Nexus Human are recognised as one of the best training companies as they and their trainers have won and hold many awards and titles including having previously won the Small Firms Best Trainer award, national training partner of the year for UK on multiple occasions, having trainers in the global top 30 instructor awards in 2012, 2019 and 2021. Nexus Human has also been nominated for the Tech Excellence awards multiple times. Learning Performance institute (LPI) external training provider sponsor 2024.

Is there a discount code for the Attacking and Securing Java / JEE Web Applications (TT8320-J) training.

Yes, the discount code PENPAL5 is currently available for the Attacking and Securing Java / JEE Web Applications (TT8320-J) training. Other discount codes may also be available but only one discount code or special offer can be used for each booking. This discount code is available for companies and individuals.

Jump to dates

Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us

Booking process was very easy. Once initial contact was made everything happened smoothly.

Pfizer

Great course yesterday and can’t give enough amazing feedback for John. I’ve never had a teacher hold attention of a class from start to finish, but yesterday he did this.

Jennifer O'Connor

Vistra

Alan delivered the training in an easy to understand and pleasant manner which was broken down into manageable chunks with an appropriate number of breaks to give folk time away from their laptops and screens. It is never easy to do 2 days of training on a fairly in-depth subject involving Software even in a classroom environment and remaining focused and engaged so doing it remotely adds another level of complexity, but I have to say that personally this was one of the best Training Events that I have attended for some years. I have gained so much knowledge of MS Project and it will certainly make my job easier going forward.

A large part of what I gained has to be credited to Alan’s manner and delivery and I should be grateful if you could pass on my thanks to him.

Also, the support, together with joining instructions & training literature etc from Nexus Human has been excellent – thank you for that. I intend feeding that back to our People and ICT Teams too

Nexus Human - Project class

December 2023

This was my 2nd course with Nexus Human and I enjoy the format of the courses.
This was very well-run, the instructor was superb and i will get a lot of benefit from having access for the next 6 months, I look forward to the next course.

Cathal

Kerry, Ireland

I would like to thank the staff of Nexus Human, who were very helpful, prompt, friendly and professional in helping me attain my Microsoft certification. I would like to thank Abdul in particular for his guidance during the course and commend him on his knowledge of software development.

Paul

ITC Group
Dublin

This is the 3rd course I have done with Arun. He is very helpful and always supportive if I have other questions outside the lecture parameters. I have already recommended him and Nexus Human to work colleges and would do so again after this course.

Philip

Nexus Human Classroom Student

The instructor was excellent. Was willing to field any questions we had and deal with our specific queries.

Excel student

The class just finished and I just wanted to mention to you that it was absolutely amazing. The quality of the training had very high standards, the trainer explained amazingly well and we actually practiced (did) all the steps. It was not learning by watching a presentation but by actually doing. The training has been delivered from Atlanta (US) and I cannot wait to go tomorrow in the office and recommend it. The connection and the lab environment were running perfectly.
Once again thank you very much and looking forward for the next trainings scheduled. Enrolling via Nexus Human was the perfect choice.

Cristina, Nexus Human IT Course Attendee

Firstly I would like to say thanks, I found the course I sat yesterday extremely beneficial and the instructor was fantastic, she was enthusiastic and engaging and I would highly recommend the course to friends and colleagues. The post class services are also excellent!

Adobe Student

Sharon was lovely and has a fantastic knowledge. Honestly I didn't think I needed part 1 but I am SO glad I came. Thank you. Will be back in for part 2.

Nexus Human Student

Excellent interaction and answered all of my questions. Looking forward to being able to apply some of the tips and features learned today which hopefully should have real impact on some of the more time consuming tasks currently encountered.

Nexus Human Power BI Attendee

Brilliant
Wonderful teacher
Course presented extremely well indeed

Nexus Human Student feedback

Top

Popular Courses

Certifications

Skill Up Cards

Skill Up Card - Course Bundles