Our Java/Kotlin security workshop covers the fundamentals of secure coding in the Java environment. Throughout the course, developers dive deep into custom-built labs and sample applications. We believe that developers understand security concepts best within the context of their preferred programming languages, libraries and frameworks, so we offer a variety of exercises and examples to fit your company's particular toolset. With these tailored labs, we create actionable knowledge that enables developers to improve the security quality of their code from the very earliest stages of development.


Topic highlights



This Java secure development workshop is an advanced refresher on the fundamentals of secure coding in Java, extended with some Spring particulars. Intensive practice and some DIY testing are included. We'll learn or refresh the most important webapp vulnerabilities from the perspective of a developer (the lead instructor is a senior enterprise developer). You'll learn how to find vulnerabilities during testing, how to recognize them in the source code, and how to avoid and mitigate them.

We'll reach an in-depth understanding of injections (SQL, XML, JSON, LDAP, XPath, log, cookie, etc.) and other server-side vulnerabilities (XEE, file-related, HTTP redirection, HTTP parameter pollution, …), and their defenses. We'll also understand vulnerabilities specific to the Java language, such as Java’s serialization vulnerabilities, numeric overflow vulnerabilities, etc.