E-Learning Secure Coding for Java

Once developers understand the basics, they are in a position to start learning more specific design and coding techniques for Java application security. This course steps through the Open Web Application Security Project (OWASP) Top 10 as well as other common application security issues to demonstrate how applications are compromised and the design and coding practices that can help to secure applications from the inside out.

Lesson 1: Cross-Site Scripting
After completing this lesson, you should be able to:

  • Define Cross-Site Scripting (XSS)
  • Recognize methods attackers use to realize an XSS attack
  • Identify how XSS attacks compromise users and data
  • Identify methods of mitigating XSS in an application

Lesson 2: Injection Flaws
After completing this lesson, you should be able to:

  • Identify various types of injection flaws
  • Identify means of mitigating injection flaws

Lesson 3: Malicious File Execution
After completing this lesson, you should be able to:

  • Detail various methods attackers can use to execute malicious code
  • Explain design, policy, and coding steps to protect against malicious file execution

Lesson 4: Insecure Direct Object Reference
After completing this lesson, you should be able to:

  • Observe where direct object references occur in applications
  • Understand methods of mitigating direct object reference attacks

Lesson 5: Cross-Site Request Forgery
After completing this lesson, you should be able to:

  • Explain Cross-Site Request Forgery (CSRF) and its relationship to Cross-Site Scripting
  • Explain how applications can protect against CSRF

Lesson 6: Information Leakage & Improper Error Handling
After completing this lesson, you should be able to:

  • Describe the information attackers are interested in obtaining
  • Describe reliable means of controlling information potential attackers can extract
  • Explain methods of mitigating XSS in an application

Lesson 7: Broken Authentication and Session Management
After completing this lesson, you should be able to:

  • Identify how an attacker can bypass normal authentication measures
  • Review measures to thwart such attacks

Lesson 8: Insecure Cryptographic Storage
After completing this lesson, you should be able to:

  • Identify the risks to sensitive data while "at rest"
  • Review means of classifying and properly encrypting sensitive data

Lesson 9: Insecure Communications
After completing this lesson, you should be able to:

  • Identify the risks inherent in not securing communications between users and applications

Lesson 10: Failure to Restrict URL Access
After completing this lesson, you should be able to:

  • Identify the risks inherent in not restricting access to URLs in your web server

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.